/** * Performs searching and returns results. * * This is now performed by doArticles(). * * @param string $q * @deprecated in 4.0.4 * @see doArticles() */ function search($q) { global $prefs; $url = $prefs['siteurl']; extract($prefs); $s_filter = filterSearch(); $form = fetch('form', 'txp_form', 'name', 'search_results'); // Lose this eventually - only used if search_results form is missing. $form = !$form ? legacy_form() : $form; $rs = safe_rows("*, ID AS thisid, UNIX_TIMESTAMP(Posted) AS posted, Title AS title,\n MATCH (Title,Body) AGAINST ('{$q}') AS score", 'textpattern', "(Title RLIKE '{$q}' OR Body RLIKE '{$q}') {$s_filter}\n AND Status = 4 AND Posted <= " . now('posted') . " ORDER BY score DESC LIMIT 40"); if ($rs) { $result_rows = count($rs); $text = $result_rows == 1 ? gTxt('article_found') : gTxt('articles_found'); } else { $result_rows = 0; $text = gTxt('articles_found'); } $results[] = graf($result_rows . ' ' . $text); if ($result_rows > 0) { foreach ($rs as $a) { extract($a); $result_date = safe_strftime($archive_dateformat, $posted); $uTitle = $url_title ? $url_title : stripSpace($Title); $hurl = permlinkurl($a); $result_url = '<a href="' . $hurl . '">' . $hurl . '</a>'; $result_title = '<a href="' . $hurl . '">' . $Title . '</a>'; $result = preg_replace("/>\\s*</", "> <", $Body_html); preg_match_all("/\\s.{1,50}" . preg_quote($q) . ".{1,50}\\s/i", $result, $concat); $concat = join(" ... ", $concat[0]); $concat = strip_tags($concat); $concat = preg_replace('/^[^>]+>/U', "", $concat); $concat = preg_replace("/({$q})/i", "<strong>\$1</strong>", $concat); $result_excerpt = $concat ? "... " . $concat . " ..." : ''; $glob['search_result_title'] = $result_title; $glob['search_result_excerpt'] = $result_excerpt; $glob['search_result_url'] = $result_url; $glob['search_result_date'] = $result_date; $GLOBALS['this_result'] = $glob; $thisresult = $form; $results[] = parse($thisresult); } } return is_array($results) ? join('', $results) : ''; }
function search($q) { global $prefs; $url = $prefs['siteurl']; extract($prefs); $s_filter = filterSearch(); $form = fetch('form', 'txp_form', 'name', 'search_results'); // lose this eventually - only used if search_results form is missing $form = !$form ? legacy_form() : $form; $rs = safe_rows("*, ID as thisid, unix_timestamp(Posted) as posted, Title as title,\n\t\t\tmatch (Title,Body) against ('{$q}') as score", "textpattern", "(Title rlike '{$q}' or Body rlike '{$q}') {$s_filter}\n\t\t\tand Status = 4 and Posted <=now() order by score desc limit 40"); if ($rs) { $result_rows = count($rs); $text = $result_rows == 1 ? gTxt('article_found') : gTxt('articles_found'); } else { $result_rows = 0; $text = gTxt('articles_found'); } $results[] = graf($result_rows . ' ' . $text); if ($result_rows > 0) { foreach ($rs as $a) { extract($a); $result_date = safe_strftime($archive_dateformat, $posted); $uTitle = $url_title ? $url_title : stripSpace($Title); $hurl = permlinkurl($a); $result_url = '<a href="' . $hurl . '">' . $hurl . '</a>'; $result_title = '<a href="' . $hurl . '">' . $Title . '</a>'; $result = preg_replace("/>\\s*</", "> <", $Body_html); preg_match_all("/\\s.{1,50}" . preg_quote($q) . ".{1,50}\\s/i", $result, $concat); $concat = join(" ... ", $concat[0]); $concat = strip_tags($concat); $concat = preg_replace('/^[^>]+>/U', "", $concat); $concat = preg_replace("/({$q})/i", "<strong>\$1</strong>", $concat); $result_excerpt = $concat ? "... " . $concat . " ..." : ''; $glob['search_result_title'] = $result_title; $glob['search_result_excerpt'] = $result_excerpt; $glob['search_result_url'] = $result_url; $glob['search_result_date'] = $result_date; $GLOBALS['this_result'] = $glob; $thisresult = $form; $results[] = parse($thisresult); } } return is_array($results) ? join('', $results) : ''; }
function link_list($message = '') { global $step, $link_list_pageby; extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'name': $sort_sql = 'linksort ' . $dir . ', id asc'; break; case 'description': $sort_sql = 'description ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; default: $dir = 'asc'; $sort_sql = 'linksort asc'; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "id = '{$crit_escaped}'", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = getCount('txp_link', $criteria); if ($total < 1) { if ($criteria != 1) { echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"'); } else { echo n . graf(gTxt('no_links_recorded'), ' style="text-align: center;"'); } return; } $limit = max(@$link_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo link_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { echo n . n . '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list') . n . tr(column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method) . hCell() . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method) . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method) . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method) . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method) . hCell()); while ($a = nextRow($rs)) { extract($a); $edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; echo tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li>' . href(gTxt('view'), $url) . '</li>' . n . '</ul>', 35) . td(href($linkname, $edit_url), 125) . td($description, 150) . td('<span title="' . fetch_category_title($category, 'link') . '">' . $category . '</span>', 125) . td(safe_strftime('%d %b %Y %I:%M %p', $uDate), 75) . td(fInput('checkbox', 'selected[]', $id))); } echo n . n . tr(tda(select_buttons() . link_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="7" style="text-align: right; border: none;"')) . endTable() . '</form>' . n . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('link', $link_list_pageby); } }
/** * Generates a <table> of every language that Textpattern supports. * * If requested with HTTP POST parameter 'force' set anything other than 'file', * outputs any errors in RPC server connection. * * @param string|array $message The activity message */ function list_languages($message = '') { require_once txpath . '/lib/IXRClass.php'; $active_lang = safe_field("val", 'txp_prefs', "name = 'language'"); $lang_form = tag(form(tag(gTxt('active_language'), 'label', array('for' => 'language')) . languages('language', $active_lang) . eInput('lang') . sInput('save_language')), 'div', array('class' => 'txp-control-panel')); $client = new IXR_Client(RPC_SERVER); // $client->debug = true; $available_lang = array(); $rpc_connect = false; $show_files = false; // Get items from RPC. @set_time_limit(90); // TODO: 90 seconds: seriously? if ($client->query('tups.listLanguages', get_pref('blog_uid'))) { $rpc_connect = true; $response = $client->getResponse(); foreach ($response as $language) { $available_lang[$language['language']]['rpc_lastmod'] = gmmktime($language['lastmodified']->hour, $language['lastmodified']->minute, $language['lastmodified']->second, $language['lastmodified']->month, $language['lastmodified']->day, $language['lastmodified']->year); } } elseif (gps('force') != 'file') { $msg = gTxt('rpc_connect_error') . "<!--" . $client->getErrorCode() . ' ' . $client->getErrorMessage() . "-->"; } // Get items from Filesystem. $files = get_lang_files(); if (is_array($files) && !empty($files)) { foreach ($files as $file) { if ($fp = @fopen(txpath . DS . 'lang' . DS . $file, 'r')) { $name = preg_replace('/\\.(txt|textpack)$/i', '', $file); $firstline = fgets($fp, 4069); fclose($fp); if (strpos($firstline, '#@version') !== false) { @(list($fversion, $ftime) = explode(';', trim(substr($firstline, strpos($firstline, ' ', 1))))); } else { $fversion = $ftime = null; } $available_lang[$name]['file_note'] = isset($fversion) ? $fversion : 0; $available_lang[$name]['file_lastmod'] = isset($ftime) ? $ftime : 0; } } } // Get installed items from the database. // We need a value here for the language itself, not for each one of the rows. $rows = safe_rows("lang, UNIX_TIMESTAMP(MAX(lastmod)) AS lastmod", 'txp_lang', "1 = 1 GROUP BY lang ORDER BY lastmod DESC"); $installed_lang = array(); foreach ($rows as $language) { $available_lang[$language['lang']]['db_lastmod'] = $language['lastmod']; if ($language['lang'] != $active_lang) { $installed_lang[] = $language['lang']; } } $list = ''; // Create the language table components. foreach ($available_lang as $langname => $langdat) { $file_updated = isset($langdat['db_lastmod']) && @$langdat['file_lastmod'] > $langdat['db_lastmod']; $rpc_updated = @$langdat['rpc_lastmod'] > @$langdat['db_lastmod']; $rpc_install = tda($rpc_updated ? strong(eLink('lang', 'get_language', 'lang_code', $langname, isset($langdat['db_lastmod']) ? gTxt('update') : gTxt('install'), 'updating', isset($langdat['db_lastmod']), '')) . n . span(safe_strftime('%d %b %Y %X', @$langdat['rpc_lastmod']), array('class' => 'date modified')) : (isset($langdat['rpc_lastmod']) ? gTxt('up_to_date') : '-') . (isset($langdat['db_lastmod']) ? n . span(safe_strftime('%d %b %Y %X', $langdat['db_lastmod']), array('class' => 'date modified')) : ''), isset($langdat['db_lastmod']) && $rpc_updated ? ' class="highlight lang-value"' : ' class="lang-value"'); $lang_file = tda(isset($langdat['file_lastmod']) ? strong(eLink('lang', 'get_language', 'lang_code', $langname, $file_updated ? gTxt('update') : gTxt('install'), 'force', 'file', '')) . n . span(safe_strftime(get_pref('archive_dateformat'), $langdat['file_lastmod']), array('class' => 'date ' . ($file_updated ? 'created' : 'modified'))) : '-', ' class="lang-value languages_detail' . (isset($langdat['db_lastmod']) && $rpc_updated ? ' highlight' : '') . '"'); $list .= tr(hCell(gTxt($langname), '', isset($langdat['db_lastmod']) && $rpc_updated ? ' class="highlight lang-label" scope="row"' : ' class="lang-label" scope="row"') . n . $rpc_install . n . $lang_file . tda(in_array($langname, $installed_lang) ? dLink('lang', 'remove_language', 'lang_code', $langname, 1) : '-', ' class="languages_detail' . (isset($langdat['db_lastmod']) && $rpc_updated ? ' highlight' : '') . '"')) . n; } // Output table and content. pagetop(gTxt('tab_languages'), $message); echo n . tag(hed(gTxt('tab_languages'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1')) . n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => 'language_container')); if (isset($msg) && $msg) { echo graf('<span class="ui-icon ui-icon-closethick"></span> ' . $msg, array('class' => 'alert-block error')); } echo $lang_form, n . tag(toggle_box('languages_detail'), 'div', array('class' => 'txp-list-options')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(gTxt('language'), '', ' scope="col"') . hCell(gTxt('from_server') . popHelp('install_lang_from_server'), '', ' scope="col"') . hCell(gTxt('from_file') . popHelp('install_lang_from_file'), '', ' class="languages_detail" scope="col"') . hCell(gTxt('remove_lang') . popHelp('remove_lang'), '', ' class="languages_detail" scope="col"')) . n . tag_end('thead') . n . tag_start('tbody') . $list . n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . hed(gTxt('install_from_textpack'), 2) . n . tag(form('<label for="textpack-install">' . gTxt('install_textpack') . '</label>' . popHelp('get_textpack') . n . '<textarea class="code" id="textpack-install" name="textpack" cols="' . INPUT_LARGE . '" rows="' . TEXTAREA_HEIGHT_SMALL . '" dir="ltr"></textarea>' . fInput('submit', 'install_new', gTxt('upload')) . eInput('lang') . sInput('get_textpack'), '', '', 'post', '', '', 'text_uploader'), 'div', array('class' => 'txp-control-panel')) . n . tag_end('div'); }
function atom() { global $thisarticle; extract($GLOBALS['prefs']); define("t_texthtml", ' type="text/html"'); define("t_text", ' type="text"'); define("t_html", ' type="html"'); define("t_xhtml", ' type="xhtml"'); define('t_appxhtml', ' type="xhtml"'); define("r_relalt", ' rel="alternate"'); define("r_relself", ' rel="self"'); $area = doSlash(gps('area')); extract(doSlash(gpsa(array('category', 'section', 'limit')))); $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod'); $sitename .= $section ? ' - ' . $section : ''; $sitename .= $category ? ' - ' . $category : ''; $pub = safe_row("RealName, email", "txp_users", "privs=1"); $out[] = tag(escape_output($sitename), 'title', t_text); $out[] = tag(escape_output($site_slogan), 'subtitle', t_text); $out[] = '<link' . r_relself . ' href="' . pagelinkurl(array('atom' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" />'; $out[] = '<link' . r_relalt . t_texthtml . ' href="' . hu . '" />'; $articles = array(); //Atom feeds with mail or domain name $dn = explode('/', $siteurl); $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0]; $out[] = tag('tag:' . $mail_or_domain . ',' . $blog_time_uid . ':' . $blog_uid . ($section ? '/' . $section : '') . ($category ? '/' . $category : ''), 'id'); $out[] = tag('Textpattern', 'generator', ' uri="http://textpattern.com/" version="' . $version . '"'); $out[] = tag(safe_strftime("w3cdtf", $last), 'updated'); $auth[] = tag($pub['RealName'], 'name'); $auth[] = $include_email_atom ? tag(eE($pub['email']), 'email') : ''; $auth[] = tag(hu, 'uri'); $out[] = tag(n . t . t . join(n . t . t, $auth) . n, 'author'); if (!$area or $area == 'article') { $sfilter = $section ? "and Section = '" . $section . "'" : ''; $cfilter = $category ? "and (Category1='" . $category . "' or Category2='" . $category . "')" : ''; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $frs = safe_column("name", "txp_section", "in_rss != '1'"); $query = array(); foreach ($frs as $f) { $query[] = "and Section != '" . doSlash($f) . "'"; } $query[] = $sfilter; $query[] = $cfilter; $rs = safe_rows_start("*, \n\t\t\t\tID as thisid, \n\t\t\t\tunix_timestamp(Posted) as uPosted,\n\t\t\t\tunix_timestamp(LastMod) as uLastMod", "textpattern", "Status=4 and Posted <= now() " . join(' ', $query) . "order by Posted desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); populateArticleData($a); $cb = callback_event('atom_entry'); $e = array(); $a['posted'] = $uPosted; if ($show_comment_count_in_feed) { $count = $comments_count > 0 ? ' [' . $comments_count . ']' : ''; } else { $count = ''; } $thisauthor = get_author_name($AuthorID); $e['thisauthor'] = tag(n . t . t . t . tag(htmlspecialchars($thisauthor), 'name') . n . t . t, 'author'); $e['issued'] = tag(safe_strftime('w3cdtf', $uPosted), 'published'); $e['modified'] = tag(safe_strftime('w3cdtf', $uLastMod), 'updated'); $escaped_title = escape_output($Title); $e['title'] = tag($escaped_title . $count, 'title', t_html); $permlink = permlinkurl($a); $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $permlink . '" />'; $e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'id'); $e['category1'] = trim($Category1) ? '<category term="' . htmlspecialchars($Category1) . '" />' : ''; $e['category2'] = trim($Category2) ? '<category term="' . htmlspecialchars($Category2) . '" />' : ''; $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink)); $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink)); if ($syndicate_body_or_excerpt) { # short feed: use body as summary if there's no excerpt if (!trim($summary)) { $summary = $content; } $content = ''; } if (trim($content)) { $e['content'] = tag(n . escape_cdata($content) . n, 'content', t_html); } if (trim($summary)) { $e['summary'] = tag(n . escape_cdata($summary) . n, 'summary', t_html); } $articles[$ID] = tag(n . t . t . join(n . t . t, $e) . n . $cb, 'entry'); $etags[$ID] = strtoupper(dechex(crc32($articles[$ID]))); $dates[$ID] = $uLastMod; } } } elseif ($area == 'link') { $cfilter = $category ? "category='" . $category . "'" : '1'; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $rs = safe_rows_start("*", "txp_link", "{$cfilter} order by date desc, id desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); $e['title'] = tag(htmlspecialchars($linkname), 'title', t_html); $e['content'] = tag(n . htmlspecialchars($description) . n, 'content', t_html); $url = preg_replace("/^\\/(.*)/", "https?://{$siteurl}/\$1", $url); $url = preg_replace("/&((?U).*)=/", "&\\1=", $url); $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $url . '" />'; $e['issued'] = tag(safe_strftime('w3cdtf', strtotime($date)), 'published'); $e['modified'] = tag(gmdate('Y-m-d\\TH:i:s\\Z', strtotime($date)), 'updated'); $e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $id, 'id'); $articles[$id] = tag(n . t . t . join(n . t . t, $e) . n, 'entry'); $etags[$id] = strtoupper(dechex(crc32($articles[$id]))); $dates[$id] = $date; } } } if (!empty($articles)) { //turn on compression if we aren't using it already if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) { @ob_start("ob_gzhandler"); } handle_lastmod(); $hims = serverset('HTTP_IF_MODIFIED_SINCE'); $imsd = $hims ? strtotime($hims) : 0; if ($imsd >= $last) { txp_status_header("304 Not Modified"); exit; } header("Last-Modified: " . gmdate('D, d M Y H:i:s \\G\\M\\T', $last)); if (is_callable('apache_request_headers')) { $headers = apache_request_headers(); if (isset($headers["A-IM"])) { $canaim = strpos($headers["A-IM"], "feed"); } else { $canaim = false; } } else { $canaim = false; } $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH')); $cutarticles = false; if ($canaim !== false) { foreach ($articles as $id => $thing) { if (strpos($hinm, $etags[$id])) { unset($articles[$id]); $cutarticles = true; $cut_etag = true; } if ($dates[$id] < $imsd) { unset($articles[$id]); $cutarticles = true; $cut_time = true; } } } if (isset($cut_etag) && isset($cut_time)) { header("Vary: If-None-Match, If-Modified-Since"); } else { if (isset($cut_etag)) { header("Vary: If-None-Match"); } else { if (isset($cut_time)) { header("Vary: If-Modified-Since"); } } } $etag = @join("-", $etags); if (strstr($hinm, $etag)) { header("HTTP/1.1 304 Not Modified"); exit; } if ($etag) { header('ETag: "' . $etag . '"'); } if ($cutarticles) { //header("HTTP/1.1 226 IM Used"); //This should be used as opposed to 200, but Apache doesn't like it. //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200. header("Cache-Control: no-store, im"); header("IM: feed"); } $out = array_merge($out, $articles); header('Content-type: application/atom+xml; charset=utf-8'); return chr(60) . '?xml version="1.0" encoding="UTF-8"?' . chr(62) . n . '<feed xml:lang="' . $language . '" xmlns="http://www.w3.org/2005/Atom">' . join(n, $out) . '</feed>'; } }
/** * The main author list. * * @param string|array $message The activity message */ function author_list($message = '') { global $txp_user, $author_list_pageby; pagetop(gTxt('tab_site_admin'), $message); if (is_disabled('mail')) { echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('warn_mail_unavailable'), array('class' => 'alert-block warning')); } echo hed(gTxt('tab_site_admin'), 1, array('class' => 'txp-heading')); echo n . '<div id="users_control" class="txp-control-panel">'; $buttons = array(); // Change password button. $buttons[] = sLink('admin', 'new_pass_form', gTxt('change_password')); if (!has_privs('admin.edit')) { // Change email address button. $buttons[] = sLink('admin', 'change_email_form', gTxt('change_email_address')); } else { // New author button. $buttons[] = sLink('admin', 'author_edit', gTxt('add_new_author')); } echo graf(join(n, $buttons), array('class' => 'txp-buttons')); // User list. if (has_privs('admin.list')) { extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('admin_sort_column', 'name'); } if ($dir === '') { $dir = get_pref('admin_sort_dir', 'asc'); } $dir = $dir == 'desc' ? 'desc' : 'asc'; if (!in_array($sort, array('name', 'RealName', 'email', 'privs', 'last_login'))) { $sort = 'name'; } $sort_sql = $sort . ' ' . $dir; set_pref('admin_sort_column', $sort, 'admin', 2, '', 0, PREF_PRIVATE); set_pref('admin_sort_dir', $dir, 'admin', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit != '') { $verbatim = preg_match('/^"(.*)"$/', $crit, $m); $crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit); $critsql = $verbatim ? array('id' => "user_id in ('" . join("','", do_list($crit_escaped)) . "')", 'login' => "name = '{$crit_escaped}'", 'real_name' => "RealName = '{$crit_escaped}'", 'email' => "email = '{$crit_escaped}'", 'privs' => "convert(privs, char) in ('" . join("','", do_list($crit_escaped)) . "')") : array('id' => "user_id in ('" . join("','", do_list($crit_escaped)) . "')", 'login' => "name like '%{$crit_escaped}%'", 'real_name' => "RealName like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'privs' => "convert(privs, char) in ('" . join("','", do_list($crit_escaped)) . "')"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $criteria .= callback_event('admin_criteria', 'author_list', 0, $criteria); $total = getCount('txp_users', $criteria); if ($total < 1) { if ($criteria != 1) { echo n . author_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } return; } $limit = max($author_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); $use_multi_edit = has_privs('admin.edit') && safe_count('txp_users', '1=1') > 1; echo author_search_form($crit, $search_method) . '</div>'; $rs = safe_rows_start('*, unix_timestamp(last_access) as last_login', 'txp_users', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { echo n . tag_start('div', array('id' => 'users_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'users_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(($use_multi_edit ? hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') : hCell('', '', ' scope="col" class="txp-list-col-multi-edit"')) . column_head('login_name', 'name', 'admin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-login-name name') . column_head('real_name', 'RealName', 'admin', true, $switch_dir, '', '', ('RealName' == $sort ? "{$dir} " : '') . 'txp-list-col-real-name name') . column_head('email', 'email', 'admin', true, $switch_dir, '', '', ('email' == $sort ? "{$dir} " : '') . 'txp-list-col-email') . column_head('privileges', 'privs', 'admin', true, $switch_dir, '', '', ('privs' == $sort ? "{$dir} " : '') . 'txp-list-col-privs') . column_head('last_login', 'last_login', 'admin', true, $switch_dir, '', '', ('last_login' == $sort ? "{$dir} " : '') . 'txp-list-col-last-login date')) . n . tag_end('thead') . n . tag_start('tbody'); while ($a = nextRow($rs)) { extract(doSpecial($a)); echo tr(td((has_privs('admin.edit') and $txp_user != $a['name']) ? fInput('checkbox', 'selected[]', $a['name'], 'checkbox') : '', '', 'txp-list-col-multi-edit') . hCell(has_privs('admin.edit') ? eLink('admin', 'author_edit', 'user_id', $user_id, $name) : $name, '', ' scope="row" class="txp-list-col-login-name name"') . td($RealName, '', 'txp-list-col-real-name name') . td(href($email, 'mailto:' . $email), '', 'txp-list-col-email') . td(get_priv_level($privs), '', 'txp-list-col-privs') . td($last_login ? safe_strftime('%b %Y', $last_login) : '', '', 'txp-list-col-last-login date')); } echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . ($use_multi_edit ? author_multiedit_form($page, $sort, $dir, $crit, $search_method) : '') . tInput() . n . tag_end('form') . n . tag_start('div', array('id' => 'users_navigation', 'class' => 'txp-navigation')) . pageby_form('admin', $author_list_pageby) . nav_form('admin', $page, $numPages, $sort, $dir, $crit, $search_method) . n . tag_end('div') . n . tag_end('div'); } } else { echo n . tag_end('div'); } }
function write_trace() { global $prefs; $file = $prefs['tempdir'] . DS . 'evaluator_trace.php'; if (!file_exists($file)) { $fp = fopen($file, 'wb'); if ($fp) { fwrite($fp, "<?php return; ?>\n" . "This trace-file tracks saved comments. (created " . safe_strftime($prefs['archive_dateformat'], time()) . ")\n" . "Format is: Type; Probability; Message (Type can be -1 => spam, 0 => moderate, 1 => visible)\n\n"); } } else { $fp = fopen($file, 'ab'); } if ($fp) { fwrite($fp, implode("\n", $this->txpspamtrace)); fwrite($fp, "\n RESULT: " . $this->get_result() . "\n\n"); fclose($fp); } }
/** * Generates and outputs an Atom feed. * * This function can only be called once on a page. It outputs an Atom feed * based on the requested URL parameters. Accepts HTTP GET parameters 'limit', * 'area', 'section' and 'category'. */ function atom() { global $thisarticle, $prefs; set_error_handler('feedErrorHandler'); ob_clean(); extract($prefs); $last = fetch("UNIX_TIMESTAMP(val)", 'txp_prefs', 'name', 'lastmod'); extract(doSlash(gpsa(array('limit', 'area')))); // Build filter criteria from a comma-separated list of sections // and categories. $feed_filter_limit = get_pref('feed_filter_limit', 10); $section = gps('section'); $category = gps('category'); if (!is_scalar($section) || !is_scalar($category)) { txp_die('Not Found', 404); } $section = $section ? array_slice(do_list_unique($section), 0, $feed_filter_limit) : array(); $category = $category ? array_slice(do_list_unique($category), 0, $feed_filter_limit) : array(); $st = array(); foreach ($section as $s) { $st[] = fetch_section_title($s); } $ct = array(); foreach ($category as $c) { $ct[] = fetch_category_title($c); } $sitename .= $section ? ' - ' . join(' - ', $st) : ''; $sitename .= $category ? ' - ' . join(' - ', $ct) : ''; $pub = safe_row("RealName, email", 'txp_users', "privs = 1"); // Feed header. $out[] = tag(htmlspecialchars($sitename), 'title', t_text); $out[] = tag(htmlspecialchars($site_slogan), 'subtitle', t_text); $out[] = '<link' . r_relself . ' href="' . pagelinkurl(array('atom' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" />'; $out[] = '<link' . r_relalt . t_texthtml . ' href="' . hu . '" />'; // Atom feeds with mail or domain name. $dn = explode('/', $siteurl); $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0]; $out[] = tag('tag:' . $mail_or_domain . ',' . $blog_time_uid . ':' . $blog_uid . ($section ? '/' . join(',', $section) : '') . ($category ? '/' . join(',', $category) : ''), 'id'); $out[] = tag('Textpattern', 'generator', ' uri="http://textpattern.com/" version="' . $version . '"'); $out[] = tag(safe_strftime("w3cdtf", $last), 'updated'); $auth[] = tag($pub['RealName'], 'name'); $auth[] = $include_email_atom ? tag(eE($pub['email']), 'email') : ''; $auth[] = tag(hu, 'uri'); $out[] = tag(n . t . t . join(n . t . t, $auth) . n, 'author'); $out[] = callback_event('atom_head'); // Feed items. $articles = array(); $section = doSlash($section); $category = doSlash($category); if (!$area or $area == 'article') { $sfilter = !empty($section) ? "AND Section IN ('" . join("','", $section) . "')" : ''; $cfilter = !empty($category) ? "AND (Category1 IN ('" . join("','", $category) . "') OR Category2 IN ('" . join("','", $category) . "'))" : ''; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $frs = safe_column("name", 'txp_section', "in_rss != '1'"); $query = array(); foreach ($frs as $f) { $query[] = "AND Section != '" . doSlash($f) . "'"; } $query[] = $sfilter; $query[] = $cfilter; $expired = $publish_expired_articles ? " " : " AND (" . now('expires') . " <= Expires OR Expires = " . NULLDATETIME . ") "; $rs = safe_rows_start("*,\n ID AS thisid,\n UNIX_TIMESTAMP(Posted) AS uPosted,\n UNIX_TIMESTAMP(Expires) AS uExpires,\n UNIX_TIMESTAMP(LastMod) AS uLastMod", 'textpattern', "Status = 4 AND Posted <= " . now('posted') . $expired . join(' ', $query) . "ORDER BY Posted DESC LIMIT {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); populateArticleData($a); $cb = callback_event('atom_entry'); $e = array(); $a['posted'] = $uPosted; $a['expires'] = $uExpires; if ($show_comment_count_in_feed) { $count = $comments_count > 0 ? ' [' . $comments_count . ']' : ''; } else { $count = ''; } $thisauthor = get_author_name($AuthorID); $e['thisauthor'] = tag(n . t . t . t . tag(htmlspecialchars($thisauthor), 'name') . n . t . t, 'author'); $e['issued'] = tag(safe_strftime('w3cdtf', $uPosted), 'published'); $e['modified'] = tag(safe_strftime('w3cdtf', $uLastMod), 'updated'); $escaped_title = htmlspecialchars($Title); $e['title'] = tag($escaped_title . $count, 'title', t_html); $permlink = permlinkurl($a); $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $permlink . '" />'; $e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'id'); $e['category1'] = trim($Category1) ? '<category term="' . htmlspecialchars($Category1) . '" />' : ''; $e['category2'] = trim($Category2) ? '<category term="' . htmlspecialchars($Category2) . '" />' : ''; $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink)); $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink)); if ($syndicate_body_or_excerpt) { // Short feed: use body as summary if there's no excerpt. if (!trim($summary)) { $summary = $content; } $content = ''; } if (trim($content)) { $e['content'] = tag(n . escape_cdata($content) . n, 'content', t_html); } if (trim($summary)) { $e['summary'] = tag(n . escape_cdata($summary) . n, 'summary', t_html); } $articles[$ID] = tag(n . t . t . join(n . t . t, $e) . n . $cb, 'entry'); $etags[$ID] = strtoupper(dechex(crc32($articles[$ID]))); $dates[$ID] = $uLastMod; } } } elseif ($area == 'link') { $cfilter = $category ? "category in ('" . join("','", $category) . "')" : '1'; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $rs = safe_rows_start("*", 'txp_link', "{$cfilter} ORDER BY date DESC, id DESC LIMIT {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); $e['title'] = tag(htmlspecialchars($linkname), 'title', t_html); $e['content'] = tag(n . htmlspecialchars($description) . n, 'content', t_html); $url = preg_replace("/^\\/(.*)/", "https?://{$siteurl}/\$1", $url); $url = preg_replace("/&((?U).*)=/", "&\\1=", $url); $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $url . '" />'; $e['issued'] = tag(safe_strftime('w3cdtf', strtotime($date)), 'published'); $e['modified'] = tag(gmdate('Y-m-d\\TH:i:s\\Z', strtotime($date)), 'updated'); $e['id'] = tag('tag:' . $mail_or_domain . ',' . safe_strftime('%Y-%m-%d', strtotime($date)) . ':' . $blog_uid . '/' . $id, 'id'); $articles[$id] = tag(n . t . t . join(n . t . t, $e) . n, 'entry'); $etags[$id] = strtoupper(dechex(crc32($articles[$id]))); $dates[$id] = $date; } } } if (!$articles) { if ($section) { if (safe_field("name", 'txp_section', "name IN ('" . join("','", $section) . "')") == false) { txp_die(gTxt('404_not_found'), '404'); } } elseif ($category) { switch ($area) { case 'link': if (safe_field("id", 'txp_category', "name = '{$category}' AND type = 'link'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; case 'article': default: if (safe_field("id", 'txp_category', "name IN ('" . join("','", $category) . "') AND type = 'article'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; } } } else { // Turn on compression if we aren't using it already. if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) { // Make sure notices/warnings/errors don't fudge up the feed when // compression is used. $buf = ''; while ($b = @ob_get_clean()) { $buf .= $b; } @ob_start('ob_gzhandler'); echo $buf; } handle_lastmod(); $hims = serverset('HTTP_IF_MODIFIED_SINCE'); $imsd = $hims ? strtotime($hims) : 0; if (is_callable('apache_request_headers')) { $headers = apache_request_headers(); if (isset($headers["A-IM"])) { $canaim = strpos($headers["A-IM"], "feed"); } else { $canaim = false; } } else { $canaim = false; } $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH')); $cutarticles = false; if ($canaim !== false) { foreach ($articles as $id => $thing) { if (strpos($hinm, $etags[$id])) { unset($articles[$id]); $cutarticles = true; $cut_etag = true; } if ($dates[$id] < $imsd) { unset($articles[$id]); $cutarticles = true; $cut_time = true; } } } if (isset($cut_etag) && isset($cut_time)) { header("Vary: If-None-Match, If-Modified-Since"); } elseif (isset($cut_etag)) { header("Vary: If-None-Match"); } elseif (isset($cut_time)) { header("Vary: If-Modified-Since"); } $etag = @join("-", $etags); if (strstr($hinm, $etag)) { txp_status_header('304 Not Modified'); exit(0); } if ($etag) { header('ETag: "' . $etag . '"'); } if ($cutarticles) { // header("HTTP/1.1 226 IM Used"); // This should be used as opposed to 200, but Apache doesn't like it. // http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the // status code should be 200. header("Cache-Control: no-store, im"); header("IM: feed"); } } $out = array_merge($out, $articles); header('Content-type: application/atom+xml; charset=utf-8'); return chr(60) . '?xml version="1.0" encoding="UTF-8"?' . chr(62) . n . '<feed xml:lang="' . txpspecialchars($language) . '" xmlns="http://www.w3.org/2005/Atom">' . join(n, $out) . '</feed>'; }
function list_list($message = '', $post = '') { global $statuses, $comments_disabled_after, $step, $txp_user; pagetop(gTxt('tab_list'), $message); extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $sesutats = array_flip($statuses); $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'ID ' . $dir; break; case 'posted': $sort_sql = 'Posted ' . $dir; break; case 'title': $sort_sql = 'Title ' . $dir . ', Posted desc'; break; case 'section': $sort_sql = 'Section ' . $dir . ', Posted desc'; break; case 'category1': $sort_sql = 'Category1 ' . $dir . ', Posted desc'; break; case 'category2': $sort_sql = 'Category2 ' . $dir . ', Posted desc'; break; case 'status': $sort_sql = 'Status ' . $dir . ', Posted desc'; break; case 'author': $sort_sql = 'AuthorID ' . $dir . ', Posted desc'; break; case 'comments': $sort_sql = 'comments_count ' . $dir . ', Posted desc'; break; default: $dir = 'desc'; $sort_sql = 'Posted ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "ID = '{$crit_escaped}'", 'title_body' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('textpattern', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . list_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"'); } else { echo graf(gTxt('no_articles_recorded'), ' style="text-align: center;"'); } return; } $limit = max(@$article_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo n . list_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(Posted) as posted', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { $total_comments = array(); // fetch true comment count, not the public comment count // maybe we should have another row in the db? $rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid"); if ($rs2) { while ($a = nextRow($rs2)) { $pid = $a['parentid']; $num = $a['num']; $total_comments[$pid] = $num; } } echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '90%') . n . tr(n . column_head('ID', 'id', 'list', true, $switch_dir, $crit, $search_method) . column_head('posted', 'posted', 'list', true, $switch_dir, $crit, $search_method) . column_head('title', 'title', 'list', true, $switch_dir, $crit, $search_method) . column_head('section', 'section', 'list', true, $switch_dir, $crit, $search_method) . column_head('category1', 'category1', 'list', true, $switch_dir, $crit, $search_method, 'articles_detail') . column_head('category2', 'category2', 'list', true, $switch_dir, $crit, $search_method, 'articles_detail') . column_head('status', 'status', 'list', true, $switch_dir, $crit, $search_method) . column_head('author', 'author', 'list', true, $switch_dir, $crit, $search_method) . column_head('comments', 'comments', 'list', true, $switch_dir, $crit, $search_method, 'articles_detail') . hCell()); include_once txpath . '/publish/taghandlers.php'; while ($a = nextRow($rs)) { extract($a); if (empty($Title)) { $Title = '<em>' . eLink('article', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>'; } else { $Title = eLink('article', 'edit', 'ID', $ID, $Title); } $Category1 = $Category1 ? '<span title="' . htmlspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . '</span>' : ''; $Category2 = $Category2 ? '<span title="' . htmlspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . '</span>' : ''; $manage = n . '<ul class="articles_detail">' . n . t . '<li>' . eLink('article', 'edit', 'ID', $ID, gTxt('edit')) . '</li>' . (($Status == 4 or $Status == 5) ? n . t . '<li><a href="' . permlinkurl($a) . '">' . gTxt('view') . '</a></li>' : '') . n . '</ul>'; $Status = !empty($Status) ? $statuses[$Status] : ''; $comments = gTxt('none'); if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) { $comments = href(gTxt('manage'), 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID) . ' (' . $total_comments[$ID] . ')'; } $comment_status = $Annotate ? gTxt('on') : gTxt('off'); if ($comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $posted; if ($time_since > $lifespan) { $comment_status = gTxt('expired'); } } $comments = n . '<ul>' . n . t . '<li>' . $comment_status . '</li>' . n . t . '<li>' . $comments . '</li>' . n . '</ul>'; echo n . n . tr(n . td(eLink('article', 'edit', 'ID', $ID, $ID) . $manage) . td(safe_strftime('%d %b %Y %I:%M %p', $posted)) . td($Title) . td('<span title="' . htmlspecialchars(fetch_section_title($Section)) . '">' . $Section . '</span>', 75) . td($Category1, 100, "articles_detail") . td($Category2, 100, "articles_detail") . td($a['Status'] < 4 ? $Status : '<a href="' . permlinkurl($a) . '">' . $Status . '</a>', 50) . td('<span title="' . htmlspecialchars(get_author_name($AuthorID)) . '">' . $AuthorID . '</span>') . td($comments, 50, "articles_detail") . td(($a['Status'] >= 4 and has_privs('article.edit.published') or $a['Status'] >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < 4 and has_privs('article.edit') or $a['Status'] < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID) : ' ')); } echo n . n . tr(tda(toggle_box('articles_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . list_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>' . n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('list', $article_list_pageby); } }
/** * Sends and handles a lastmod header. * * @param int|null $unix_ts The last modification date as a UNIX timestamp * @param bool $exit If TRUE, terminates the script * @return array|null Array of sent HTTP status and the lastmod header, or NULL * @package Pref */ function handle_lastmod($unix_ts = null, $exit = true) { if (get_pref('send_lastmod') && get_pref('production_status') == 'live') { $unix_ts = get_lastmod($unix_ts); // Make sure lastmod isn't in the future. $unix_ts = min($unix_ts, time()); // Or too far in the past (7 days). $unix_ts = max($unix_ts, time() - 3600 * 24 * 7); $last = safe_strftime('rfc822', $unix_ts, 1); header("Last-Modified: {$last}"); header('Cache-Control: no-cache'); $hims = serverSet('HTTP_IF_MODIFIED_SINCE'); if ($hims and @strtotime($hims) >= $unix_ts) { log_hit('304'); if (!$exit) { return array('304', $last); } txp_status_header('304 Not Modified'); // Some mod_deflate versions have a bug that breaks subsequent // requests when keepalive is used. dropping the connection // is the only reliable way to fix this. if (!get_pref('lastmod_keepalive')) { header('Connection: close'); } header('Content-Length: 0'); // Discard all output. while (@ob_end_clean()) { } exit; } if (!$exit) { return array('200', $last); } } }
function article_edit($message = '', $concurrent = FALSE) { global $vars, $txp_user, $comments_disabled_after, $txpcfg, $prefs, $event; extract($prefs); extract(gpsa(array('view', 'from_view', 'step'))); if (!empty($GLOBALS['ID'])) { // newly-saved article $ID = $GLOBALS['ID']; $step = 'edit'; } else { $ID = gps('ID'); } include_once txpath . '/lib/classTextile.php'; $textile = new Textile(); // switch to 'text' view upon page load and after article post if (!$view || gps('save') || gps('publish')) { $view = 'text'; } if (!$step) { $step = "create"; } if ($step == "edit" && $view == "text" && !empty($ID) && $from_view != 'preview' && $from_view != 'html' && !$concurrent) { $pull = true; //-- it's an existing article - off we go to the db $ID = assert_int($ID); $rs = safe_row("*, unix_timestamp(Posted) as sPosted,\n\t\t\t\tunix_timestamp(Expires) as sExpires,\n\t\t\t\tunix_timestamp(LastMod) as sLastMod", "textpattern", "ID={$ID}"); extract($rs); $reset_time = $publish_now = $Status < 4 && $sPosted <= time(); } else { $pull = false; //-- assume they came from post if ($from_view == 'preview' or $from_view == 'html') { $store_out = array(); $store = unserialize(base64_decode(ps('store'))); foreach ($vars as $var) { if (isset($store[$var])) { $store_out[$var] = $store[$var]; } } } else { $store_out = gpsa($vars); if ($concurrent) { $store_out['sLastMod'] = safe_field('unix_timestamp(LastMod) as sLastMod', 'textpattern', 'ID=' . $ID); } } $rs = $store_out; extract($store_out); } $GLOBALS['step'] = $step; if ($step == 'create') { $textile_body = $use_textile; $textile_excerpt = $use_textile; } if ($step != 'create' && $sPosted) { // Previous record? $prev_id = checkIfNeighbour('prev', $sPosted); // Next record? $next_id = checkIfNeighbour('next', $sPosted); } else { $prev_id = $next_id = 0; } $page_title = $Title ? $Title : gTxt('write'); pagetop($page_title, $message); echo n . '<div id="' . $event . '_container" class="txp-container txp-edit">'; echo n . n . '<form id="article_form" name="article_form" method="post" action="index.php">'; if (!empty($store_out)) { echo hInput('store', base64_encode(serialize($store_out))); } echo hInput('ID', $ID) . eInput('article') . sInput($step) . '<input type="hidden" name="view" />' . startTable('edit') . '<tr>' . n . '<td id="article-col-1"><div id="configuration_content">'; if ($view == 'text') { //-- markup help -------------- echo pluggable_ui('article_ui', 'sidehelp', side_help($textile_body, $textile_excerpt), $rs); //-- custom menu entries -------------- echo pluggable_ui('article_ui', 'extend_col_1', '', $rs); //-- advanced -------------- echo '<div id="advanced_group"><h3 class="plain lever' . (get_pref('pane_article_advanced_visible') ? ' expanded' : '') . '"><a href="#advanced">' . gTxt('advanced_options') . '</a></h3>' . '<div id="advanced" class="toggle" style="display:' . (get_pref('pane_article_advanced_visible') ? 'block' : 'none') . '">'; // markup selection echo pluggable_ui('article_ui', 'markup', n . graf('<label for="markup-body">' . gTxt('article_markup') . '</label>' . br . pref_text('textile_body', $textile_body, 'markup-body'), ' class="markup markup-body"') . n . graf('<label for="markup-excerpt">' . gTxt('excerpt_markup') . '</label>' . br . pref_text('textile_excerpt', $textile_excerpt, 'markup-excerpt'), ' class="markup markup-excerpt"'), $rs); // form override echo $allow_form_override ? pluggable_ui('article_ui', 'override', graf('<label for="override-form">' . gTxt('override_default_form') . '</label>' . sp . popHelp('override_form') . br . form_pop($override_form, 'override-form'), ' class="override-form"'), $rs) : ''; echo '</div></div>' . n; //-- custom fields -------------- $cf = ''; $cfs = getCustomFields(); echo '<div id="custom_field_group"' . ($cfs ? '' : ' class="empty"') . '><h3 class="plain lever' . (get_pref('pane_article_custom_field_visible') ? ' expanded' : '') . '"><a href="#custom_field">' . gTxt('custom') . '</a></h3>' . '<div id="custom_field" class="toggle" style="display:' . (get_pref('pane_article_custom_field_visible') ? 'block' : 'none') . '">'; foreach ($cfs as $i => $cf_name) { $custom_x_set = "custom_{$i}_set"; $custom_x = "custom_{$i}"; $cf .= ${$custom_x_set} !== '' ? custField($i, ${$custom_x_set}, ${$custom_x}) : ''; } echo pluggable_ui('article_ui', 'custom_fields', $cf, $rs); echo '</div></div>' . n; //-- article image -------------- echo '<div id="image_group"><h3 class="plain lever' . (get_pref('pane_article_image_visible') ? ' expanded' : '') . '"><a href="#image">' . gTxt('article_image') . '</a></h3>' . '<div id="image" class="toggle" style="display:' . (get_pref('pane_article_image_visible') ? 'block' : 'none') . '">'; echo pluggable_ui('article_ui', 'article_image', n . graf('<label for="article-image">' . gTxt('article_image') . '</label>' . sp . popHelp('article_image') . br . fInput('text', 'Image', $Image, 'edit', '', '', 22, '', 'article-image'), ' class="article-image"'), $rs); echo '</div></div>' . n; //-- meta info -------------- echo '<div id="meta_group"><h3 class="plain lever' . (get_pref('pane_article_meta_visible') ? ' expanded' : '') . '"><a href="#meta">' . gTxt('meta') . '</a></h3>' . '<div id="meta" class="toggle" style="display:' . (get_pref('pane_article_meta_visible') ? 'block' : 'none') . '">'; // keywords echo pluggable_ui('article_ui', 'keywords', n . graf('<label for="keywords">' . gTxt('keywords') . '</label>' . sp . popHelp('keywords') . br . n . '<textarea id="keywords" name="Keywords" cols="18" rows="5">' . htmlspecialchars(str_replace(',', ', ', $Keywords)) . '</textarea>', ' class="keywords"'), $rs); // url title echo pluggable_ui('article_ui', 'url_title', n . graf('<label for="url-title">' . gTxt('url_title') . '</label>' . sp . popHelp('url_title') . br . fInput('text', 'url_title', $url_title, 'edit', '', '', 22, '', 'url-title'), ' class="url-title"'), $rs); echo '</div></div>' . n; //-- recent articles -------------- echo '<div id="recent_group"><h3 class="plain lever' . (get_pref('pane_article_recent_visible') ? ' expanded' : '') . '"><a href="#recent">' . gTxt('recent_articles') . '</a>' . '</h3>' . '<div id="recent" class="toggle" style="display:' . (get_pref('pane_article_recent_visible') ? 'block' : 'none') . '">'; $recents = safe_rows_start("Title, ID", 'textpattern', "1=1 order by LastMod desc limit 10"); $ra = ''; if ($recents) { $ra = '<ul class="recent plain-list">'; while ($recent = nextRow($recents)) { if (!$recent['Title']) { $recent['Title'] = gTxt('untitled') . sp . $recent['ID']; } $ra .= n . t . '<li class="recent-article"><a href="?event=article' . a . 'step=edit' . a . 'ID=' . $recent['ID'] . '">' . escape_title($recent['Title']) . '</a></li>'; } $ra .= '</ul>'; } echo pluggable_ui('article_ui', 'recent_articles', $ra, $rs); echo '</div></div>'; } else { echo sp; } echo '</div></td>' . n . '<td id="article-main"><div id="main_content">'; //-- title input -------------- if ($view == 'preview') { echo '<div class="preview">' . hed(gTxt('preview'), 2) . hed($Title, 1, ' class="title"'); } elseif ($view == 'html') { echo '<div class="xhtml">' . hed('XHTML', 2) . hed($Title, 1, ' class="title"'); } elseif ($view == 'text') { echo '<div class="text">' . pluggable_ui('article_ui', 'title', n . '<p class="title"><label for="title">' . gTxt('title') . '</label>' . sp . popHelp('title') . br . '<input type="text" id="title" name="Title" value="' . escape_title($Title) . '" class="edit" size="40" tabindex="1" />', $rs); if ($step != 'create') { if ($Status != 4 and $Status != 5) { $url = '?txpreview=' . intval($ID) . '.' . time(); // article ID plus cachebuster } else { include_once txpath . '/publish/taghandlers.php'; $url = permlinkurl_id($ID); } echo sp . sp . '<a href="' . $url . '" class="article-view">' . gTxt('view') . '</a>'; } echo '</p>'; } //-- body -------------------- if ($view == 'preview') { echo '<div class="body">'; if ($textile_body == USE_TEXTILE) { echo $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { echo nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { echo $Body; } } } echo '</div>'; } elseif ($view == 'html') { if ($textile_body == USE_TEXTILE) { $bod = $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { $bod = nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { $bod = $Body; } } } echo tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($bod)), 'code', ' class="body"'); } else { echo pluggable_ui('article_ui', 'body', n . graf('<label for="body">' . gTxt('body') . '</label>' . sp . popHelp('body') . br . '<textarea id="body" name="Body" cols="55" rows="31" tabindex="2">' . htmlspecialchars($Body) . '</textarea>', ' class="body"'), $rs); } //-- excerpt -------------------- if ($articles_use_excerpts) { if ($view == 'text') { echo pluggable_ui('article_ui', 'excerpt', n . graf('<label for="excerpt">' . gTxt('excerpt') . '</label>' . sp . popHelp('excerpt') . br . '<textarea id="excerpt" name="Excerpt" cols="55" rows="5" tabindex="3">' . htmlspecialchars($Excerpt) . '</textarea>', ' class="excerpt"'), $rs); } else { echo n . '<hr width="50%" />'; echo '<div class="excerpt">'; echo $textile_excerpt == USE_TEXTILE ? $view == 'preview' ? graf($textile->textileThis($Excerpt)) : tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($textile->TextileThis($Excerpt))), 'code', ' class="excerpt"') : graf($Excerpt); echo '</div>'; } } //-- author -------------- if ($view == "text" && $step != "create") { echo '<p class="author small">' . gTxt('posted_by') . ': ' . htmlspecialchars($AuthorID) . ' · ' . safe_strftime('%d %b %Y · %X', $sPosted); if ($sPosted != $sLastMod) { echo br . gTxt('modified_by') . ': ' . htmlspecialchars($LastModID) . ' · ' . safe_strftime('%d %b %Y · %X', $sLastMod); } echo '</p>'; } echo hInput('from_view', $view), '</div></div></td>'; //-- layer tabs ------------------- echo '<td id="article-tabs"><div id="view_modes">'; echo pluggable_ui('article_ui', 'view', $use_textile == USE_TEXTILE || $textile_body == USE_TEXTILE ? tag(tab('text', $view) . tab('html', $view) . tab('preview', $view), 'ul') : ' ', $rs); echo '</div></td>'; echo '<td id="article-col-2"><div id="supporting_content">'; if ($view == 'text') { if ($step != 'create') { echo n . graf(href(gtxt('create_new'), 'index.php?event=article'), ' class="action-create"'); } //-- prev/next article links -- if ($step != 'create' and ($prev_id or $next_id)) { echo '<p class="article-nav">', $prev_id ? prevnext_link('‹' . gTxt('prev'), 'article', 'edit', $prev_id, gTxt('prev')) : '', $next_id ? prevnext_link(gTxt('next') . '›', 'article', 'edit', $next_id, gTxt('next')) : '', '</p>'; } //-- status radios -------------- echo pluggable_ui('article_ui', 'status', n . n . '<fieldset id="write-status">' . n . '<legend>' . gTxt('status') . '</legend>' . n . status_radio($Status) . n . '</fieldset>', $rs); //-- category selects ----------- echo pluggable_ui('article_ui', 'categories', n . n . '<fieldset id="write-sort">' . n . '<legend>' . gTxt('sort_display') . '</legend>' . n . graf('<label for="category-1">' . gTxt('category1') . '</label> ' . '<span class="edit category-edit small">[' . eLink('category', '', '', '', gTxt('edit')) . ']</span>' . br . n . category_popup('Category1', $Category1, 'category-1'), ' class="category category-1"') . n . graf('<label for="category-2">' . gTxt('category2') . '</label>' . br . n . category_popup('Category2', $Category2, 'category-2'), ' class="category category-2"'), $rs); //-- section select -------------- if (!$from_view && !$pull) { $Section = getDefaultSection(); } echo pluggable_ui('article_ui', 'section', n . graf('<label for="section">' . gTxt('section') . '</label> ' . '<span class="edit section-edit small">[' . eLink('section', '', '', '', gTxt('edit')) . ']</span>' . br . section_popup($Section, 'section'), ' class="section"') . n . '</fieldset>', $rs); //-- "More" section echo n . n . '<div id="more_group"><h3 class="plain lever' . (get_pref('pane_article_more_visible') ? ' expanded' : '') . '"><a href="#more">' . gTxt('more') . '</a></h3>', '<div id="more" class="toggle" style="display:' . (get_pref('pane_article_more_visible') ? 'block' : 'none') . '">'; //-- comments stuff -------------- if ($step == "create") { //Avoiding invite disappear when previewing $AnnotateInvite = !empty($store_out['AnnotateInvite']) ? $store_out['AnnotateInvite'] : $comments_default_invite; if ($comments_on_default == 1) { $Annotate = 1; } } if ($use_comments == 1) { $invite[] = n . n . '<fieldset id="write-comments">' . n . '<legend>' . gTxt('comments') . '</legend>'; $comments_expired = false; if ($step != 'create' && $comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $sPosted; if ($time_since > $lifespan) { $comments_expired = true; } } if ($comments_expired) { $invite[] = n . n . graf(gTxt('expired'), ' class="comment-annotate"'); } else { $invite[] = n . n . graf(onoffRadio('Annotate', $Annotate), ' class="comment-annotate"') . n . n . graf('<label for="comment-invite">' . gTxt('comment_invitation') . '</label>' . br . fInput('text', 'AnnotateInvite', $AnnotateInvite, 'edit', '', '', '', '', 'comment-invite'), ' class="comment-invite"'); } $invite[] = n . n . '</fieldset>'; echo pluggable_ui('article_ui', 'annotate_invite', join('', $invite), $rs); } if ($step == "create" and empty($GLOBALS['ID'])) { //-- timestamp ------------------- //Avoiding modified date to disappear $persist_timestamp = !empty($store_out['year']) ? safe_strtotime($store_out['year'] . '-' . $store_out['month'] . '-' . $store_out['day'] . ' ' . $store_out['hour'] . ':' . $store_out['minute'] . ':' . $store_out['second']) : time(); echo pluggable_ui('article_ui', 'timestamp', n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('publish_now', '1', $publish_now, '', 'publish_now') . '<label for="publish_now">' . gTxt('set_to_now') . '</label>', ' class="publish-now"') . n . graf(gTxt('or_publish_at') . sp . popHelp('timestamp'), ' class="publish-at"') . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('year', '%Y', $persist_timestamp) . ' / ' . tsi('month', '%m', $persist_timestamp) . ' / ' . tsi('day', '%d', $persist_timestamp), ' class="date posted created"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('hour', '%H', $persist_timestamp) . ' : ' . tsi('minute', '%M', $persist_timestamp) . ' : ' . tsi('second', '%S', $persist_timestamp), ' class="time posted created"') . n . '</fieldset>', array('sPosted' => $persist_timestamp) + $rs); //-- expires ------------------- $persist_timestamp = !empty($store_out['exp_year']) ? safe_strtotime($store_out['exp_year'] . '-' . $store_out['exp_month'] . '-' . $store_out['exp_day'] . ' ' . $store_out['exp_hour'] . ':' . $store_out['exp_minute'] . ':' . $store_out['second']) : NULLDATETIME; echo pluggable_ui('article_ui', 'expires', n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('exp_year', '%Y', $persist_timestamp) . ' / ' . tsi('exp_month', '%m', $persist_timestamp) . ' / ' . tsi('exp_day', '%d', $persist_timestamp), ' class="date expires"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('exp_hour', '%H', $persist_timestamp) . ' : ' . tsi('exp_minute', '%M', $persist_timestamp) . ' : ' . tsi('exp_second', '%S', $persist_timestamp), ' class="time expires"') . n . '</fieldset>', $rs); // end "More" section echo n . n . '</div></div>'; //-- publish button -------------- echo has_privs('article.publish') ? fInput('submit', 'publish', gTxt('publish'), "publish", '', '', '', 4) : fInput('submit', 'publish', gTxt('save'), "publish", '', '', '', 4); } else { //-- timestamp ------------------- if (!empty($year)) { $sPosted = safe_strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second); } echo pluggable_ui('article_ui', 'timestamp', n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('reset_time', '1', $reset_time, '', 'reset_time') . '<label for="reset_time">' . gTxt('reset_time') . '</label>', ' class="reset-time"') . n . graf(gTxt('published_at') . sp . popHelp('timestamp'), ' class="publish-at"') . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('year', '%Y', $sPosted) . ' / ' . tsi('month', '%m', $sPosted) . ' / ' . tsi('day', '%d', $sPosted), ' class="date posted created"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('hour', '%H', $sPosted) . ' : ' . tsi('minute', '%M', $sPosted) . ' : ' . tsi('second', '%S', $sPosted), ' class="time posted created"') . n . hInput('sPosted', $sPosted) . n . hInput('sLastMod', $sLastMod) . n . hInput('AuthorID', $AuthorID) . n . hInput('LastModID', $LastModID) . n . '</fieldset>', $rs); //-- expires ------------------- if (!empty($exp_year)) { if (empty($exp_month)) { $exp_month = 1; } if (empty($exp_day)) { $exp_day = 1; } if (empty($exp_hour)) { $exp_hour = 0; } if (empty($exp_minute)) { $exp_minute = 0; } if (empty($exp_second)) { $exp_second = 0; } $sExpires = safe_strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second); } echo pluggable_ui('article_ui', 'expires', n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('exp_year', '%Y', $sExpires) . ' / ' . tsi('exp_month', '%m', $sExpires) . ' / ' . tsi('exp_day', '%d', $sExpires), ' class="date expires"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('exp_hour', '%H', $sExpires) . ' : ' . tsi('exp_minute', '%M', $sExpires) . ' : ' . tsi('exp_second', '%S', $sExpires), ' class="time expires"') . n . hInput('sExpires', $sExpires) . n . '</fieldset>', $rs); // end "More" section echo n . n . '</div></div>'; //-- save button -------------- if ($Status >= 4 and has_privs('article.edit.published') or $Status >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $Status < 4 and has_privs('article.edit') or $Status < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) { echo fInput('submit', 'save', gTxt('save'), "publish", '', '', '', 4); } } } echo '</div></td></tr></table></form></div>' . n; // Assume users would not change the timestamp if they wanted to "publish now"/"reset time" echo script_js(<<<EOS \t\t\$('#write-timestamp input.edit').change( \t\t\tfunction() { \t\t\t\t\$('#publish_now').attr('checked', false); \t\t\t\t\$('#reset_time').attr('checked', false); \t\t\t}); EOS ); }
function ipban_list($message = '') { pageTop(gTxt('list_banned_ips'), $message); $rs = safe_rows_start('*, unix_timestamp(date_banned) as uBanned', 'txp_discuss_ipban', "1 = 1 order by date_banned desc"); if ($rs and numRows($rs) > 0) { echo startTable('list') . tr(hCell(gTxt('date_banned')) . hCell(gTxt('IP')) . hCell(gTxt('name_used')) . hCell(gTxt('banned_for')) . hCell()); while ($a = nextRow($rs)) { extract($a); echo tr(td(safe_strftime('%d %b %Y %I:%M %p', $uBanned), 100) . td($ip, 100) . td($name_used, 100) . td('<a href="?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $banned_on_message . '">' . $banned_on_message . '</a>', 100) . td('<a href="?event=discuss' . a . 'step=ipban_unban' . a . 'ip=' . $ip . '">' . gTxt('unban') . '</a>')); } echo endTable(); } else { echo graf(gTxt('no_ips_banned'), ' class="indicator"'); } }
function ipban_list($message = '') { global $event; pageTop(gTxt('list_banned_ips'), $message); $rs = safe_rows_start('*, unix_timestamp(date_banned) as uBanned', 'txp_discuss_ipban', "1 = 1 order by date_banned desc"); if ($rs and numRows($rs) > 0) { echo '<div id="' . $event . '_ban_container" class="txp-container txp-list">' . startTable('list', '', 'list') . n . '<thead>' . tr(hCell(gTxt('date_banned'), '', ' class="date banned"') . hCell(gTxt('IP'), '', ' class="ip"') . hCell(gTxt('name_used'), '', ' class="name"') . hCell(gTxt('banned_for'), '', ' class="id"') . hCell('', '', ' class="actions"')) . n . '</thead>'; echo '<tbody>'; $ctr = 1; while ($a = nextRow($rs)) { extract($a); echo tr(td(safe_strftime('%d %b %Y %I:%M %p', $uBanned), 100, 'date banned') . td($ip, 100, 'ip') . td($name_used, 100, 'name') . td('<a href="?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $banned_on_message . '">' . $banned_on_message . '</a>', 100, 'id') . td('<a class="action-ban" href="?event=discuss' . a . 'step=ipban_unban' . a . 'ip=' . $ip . '">' . gTxt('unban') . '</a>', '', 'actions'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"'); $ctr++; } echo '</tbody>' . endTable() . '</div>'; } else { echo graf(gTxt('no_ips_banned'), ' class="indicator"'); } }
function author_list() { global $txp_user, $author_list_pageby; extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('admin_sort_column', 'name'); } if ($dir === '') { $dir = get_pref('admin_sort_dir', 'asc'); } $dir = $dir == 'desc' ? 'desc' : 'asc'; if (!in_array($sort, array('name', 'RealName', 'email', 'privs', 'last_login'))) { $sort = 'name'; } $sort_sql = $sort . ' ' . $dir; set_pref('admin_sort_column', $sort, 'admin', 2, '', 0, PREF_PRIVATE); set_pref('admin_sort_dir', $dir, 'admin', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $total = getCount('txp_users', '1=1'); $limit = max($author_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); $rs = safe_rows_start('*, unix_timestamp(last_access) as last_login', 'txp_users', '1 = 1 order by ' . $sort_sql . ' limit ' . $offset . ', ' . $limit); if ($rs) { echo n . '<div class="txp-list">'; echo '<form action="index.php" id="users_form" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list', '', 'list') . n . '<thead>' . n . tr(column_head('login_name', 'name', 'admin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'name login-name') . column_head('real_name', 'RealName', 'admin', true, $switch_dir, '', '', ('RealName' == $sort ? "{$dir} " : '') . 'name real-name') . column_head('email', 'email', 'admin', true, $switch_dir, '', '', ('email' == $sort ? "{$dir} " : '') . 'email') . column_head('privileges', 'privs', 'admin', true, $switch_dir, '', '', ('privs' == $sort ? "{$dir} " : '') . 'privs') . column_head('last_login', 'last_login', 'admin', true, $switch_dir, '', '', ('last_login' == $sort ? "{$dir} " : '') . 'date last-login modified') . hCell('', '', ' class="actions"') . hCell('', '', ' class="multi-edit"')) . n . '</thead>'; $tfoot = n . '<tfoot>' . tr(tda(has_privs('admin.edit') ? select_buttons() . author_multiedit_form($page, $sort, $dir, $crit, $search_method) : '', ' class="multi-edit" colspan="7" style="text-align: right; border: none;"')) . n . '</tfoot>'; echo $tfoot; echo '<tbody>'; $ctr = 1; while ($a = nextRow($rs)) { extract(doSpecial($a)); echo tr(td($name, '', 'name login-name') . td($RealName, '', 'name real-name') . td('<a href="mailto:' . $email . '">' . $email . '</a>', '', 'email') . td(get_priv_level($privs), '', 'privs') . td($last_login ? safe_strftime('%b %Y', $last_login) : '', '', 'date last-login modified') . td(has_privs('admin.edit') ? eLink('admin', 'author_edit', 'user_id', $user_id, gTxt('edit')) : '', '', 'actions') . td((has_privs('admin.edit') and $txp_user != $a['name']) ? fInput('checkbox', 'selected[]', $a['name'], 'checkbox') : '', '', 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"'); $ctr++; } echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="users_navigation" class="txp-navigation">' . nav_form('admin', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('admin', $author_list_pageby) . n . '</div>' . n . '</div>'; } }
function discuss_edit() { global $event; pagetop(gTxt('edit_comment')); extract(gpsa(array('discussid', 'sort', 'dir', 'page', 'crit', 'search_method'))); $discussid = assert_int($discussid); $rs = safe_row('*, unix_timestamp(posted) as uPosted', 'txp_discuss', "discussid = {$discussid}"); if ($rs) { extract($rs); $message = txpspecialchars($message); if (fetch('ip', 'txp_discuss_ipban', 'ip', $ip)) { $ban_step = 'ipban_unban'; $ban_text = gTxt('unban'); } else { $ban_step = 'ipban_add'; $ban_text = gTxt('ban'); } $ban_link = '[<a class="action-ban" href="?event=discuss' . a . 'step=' . $ban_step . a . 'ip=' . $ip . a . 'name=' . urlencode($name) . a . 'discussid=' . $discussid . a . '_txp_token=' . form_token() . '">' . $ban_text . '</a>]'; $status_list = selectInput('visible', array(VISIBLE => gTxt('visible'), SPAM => gTxt('spam'), MODERATE => gTxt('unmoderated')), $visible, false, '', 'status'); echo '<div id="' . $event . '_container" class="txp-container">' . form('<div class="txp-edit">' . n . hed(gTxt('edit_comment'), 2) . n . inputLabel('status', $status_list, 'status') . n . inputLabel('name', fInput('text', 'name', $name, '', '', '', INPUT_REGULAR, '', 'name'), 'name') . n . inputLabel('IP', $ip . n . $ban_link, '') . n . inputLabel('email', fInput('text', 'email', $email, '', '', '', INPUT_REGULAR, '', 'email'), 'email') . n . inputLabel('website', fInput('text', 'web', $web, '', '', '', INPUT_REGULAR, '', 'website'), 'website') . n . inputLabel('date', safe_strftime('%d %b %Y %X', $uPosted), '') . n . inputLabel('commentmessage', '<textarea id="commentmessage" name="message" cols="' . INPUT_LARGE . '" rows="' . INPUT_MEDIUM . '">' . $message . '</textarea>', 'message', '', '', '') . n . graf(fInput('submit', 'step', gTxt('save'), 'publish')) . hInput('sort', $sort) . hInput('dir', $dir) . hInput('page', $page) . hInput('crit', $crit) . hInput('search_method', $search_method) . hInput('discussid', $discussid) . hInput('parentid', $parentid) . hInput('ip', $ip) . eInput('discuss') . sInput('discuss_save') . '</div>', '', '', 'post', 'edit-form', '', 'discuss_edit_form'), '</div>'; } else { echo graf(gTxt('comment_not_found'), ' class="indicator"'); } }
function fileDownloadFormatTime($params) { global $prefs; extract($params); if (!empty($ftime)) { return !empty($format) ? safe_strftime($format, $ftime) : safe_strftime($prefs['archive_dateformat'], $ftime); } return ''; }
function is_today($day, $ts) { if ($this->month == safe_strftime('%m', time()) and $day == safe_strftime('%d', time()) and $this->year == safe_strftime('%Y', time())) { return 1; } else { return 0; } }
function list_languages($message = '') { global $prefs, $locale, $textarray; require_once txpath . '/lib/IXRClass.php'; // Select and save active language if (!$message && ps('step') == 'list_languages' && ps('language')) { $locale = doSlash(getlocale(ps('language'))); safe_update("txp_prefs", "val='" . doSlash(ps('language')) . "'", "name='language'"); safe_update("txp_prefs", "val='" . $locale . "'", "name='locale'"); $textarray = load_lang(doSlash(ps('language'))); $locale = setlocale(LC_ALL, $locale); $message = gTxt('preferences_saved'); } $active_lang = safe_field('val', 'txp_prefs', "name='language'"); $lang_form = '<div id="language_control" class="txp-control-panel">' . form(graf(gTxt('active_language') . languages('language', $active_lang) . n . fInput('submit', 'Submit', gTxt('save'), 'publish') . eInput('prefs') . sInput('list_languages'))) . '</div>'; $client = new IXR_Client(RPC_SERVER); //$client->debug = true; $available_lang = array(); $rpc_connect = false; $show_files = false; // Get items from RPC @set_time_limit(90); if ($client->query('tups.listLanguages', $prefs['blog_uid'])) { $rpc_connect = true; $response = $client->getResponse(); foreach ($response as $language) { $available_lang[$language['language']]['rpc_lastmod'] = gmmktime($language['lastmodified']->hour, $language['lastmodified']->minute, $language['lastmodified']->second, $language['lastmodified']->month, $language['lastmodified']->day, $language['lastmodified']->year); } } elseif (gps('force') != 'file') { $msg = gTxt('rpc_connect_error') . "<!--" . $client->getErrorCode() . ' ' . $client->getErrorMessage() . "-->"; } // Get items from Filesystem $files = get_lang_files(); if (is_array($files) && !empty($files)) { foreach ($files as $file) { if ($fp = @fopen(txpath . DS . 'lang' . DS . $file, 'r')) { $name = str_replace('.txt', '', $file); $firstline = fgets($fp, 4069); fclose($fp); if (strpos($firstline, '#@version') !== false) { @(list($fversion, $ftime) = explode(';', trim(substr($firstline, strpos($firstline, ' ', 1))))); } else { $fversion = $ftime = NULL; } $available_lang[$name]['file_note'] = isset($fversion) ? $fversion : 0; $available_lang[$name]['file_lastmod'] = isset($ftime) ? $ftime : 0; } } } // Get installed items from the database // We need a value here for the language itself, not for each one of the rows $rows = safe_rows('lang, UNIX_TIMESTAMP(MAX(lastmod)) as lastmod', 'txp_lang', "1 GROUP BY lang ORDER BY lastmod DESC"); $installed_lang = array(); foreach ($rows as $language) { $available_lang[$language['lang']]['db_lastmod'] = $language['lastmod']; if ($language['lang'] != $active_lang) { $installed_lang[] = $language['lang']; } } $list = ''; // Show the language table foreach ($available_lang as $langname => $langdat) { $file_updated = isset($langdat['db_lastmod']) && @$langdat['file_lastmod'] > $langdat['db_lastmod']; $rpc_updated = @$langdat['rpc_lastmod'] > @$langdat['db_lastmod']; $rpc_install = tda($rpc_updated ? strong(eLink('prefs', 'get_language', 'lang_code', $langname, isset($langdat['db_lastmod']) ? gTxt('update') : gTxt('install'), 'updating', isset($langdat['db_lastmod']), '')) . n . '<span class="date modified">' . safe_strftime('%d %b %Y %X', @$langdat['rpc_lastmod']) . '</span>' : (isset($langdat['rpc_lastmod']) ? gTxt('updated') : '-') . (isset($langdat['db_lastmod']) ? n . '<span class="date modified">' . safe_strftime('%d %b %Y %X', $langdat['db_lastmod']) . '</span>' : ''), isset($langdat['db_lastmod']) && $rpc_updated ? ' class="highlight lang-value"' : ' class="lang-value"'); $lang_file = tda(isset($langdat['file_lastmod']) ? strong(eLink('prefs', 'get_language', 'lang_code', $langname, $file_updated ? gTxt('update') : gTxt('install'), 'force', 'file', '')) . n . '<span class="date ' . ($file_updated ? 'created' : 'modified') . '">' . safe_strftime($prefs['archive_dateformat'], $langdat['file_lastmod']) . '</span>' : '-', ' class="lang-value languages_detail' . (isset($langdat['db_lastmod']) && $rpc_updated ? ' highlight' : '') . '"'); $list .= tr(tda(gTxt($langname), isset($langdat['db_lastmod']) && $rpc_updated ? ' class="highlight lang-label"' : ' class="lang-label"') . n . $rpc_install . n . $lang_file . n . tda(in_array($langname, $installed_lang) ? dLink('prefs', 'remove_language', 'lang_code', $langname, 1) : '-', ' class="languages_detail' . (isset($langdat['db_lastmod']) && $rpc_updated ? ' highlight' : '') . '"')) . n . n; } // Output Table + Content // TODO: tab_languages when this panel is moved to its own tab pagetop(gTxt('update_languages'), $message); //TODO: tab_languages when this panel is moved to its own tab echo '<h1 class="txp-heading">' . gTxt('update_languages') . '</h1>'; echo n . '<div id="language_container" class="txp-container">'; if (isset($msg) && $msg) { echo tag($msg, 'p', ' class="error lang-msg"'); } echo n . '<p class="nav-tertiary">' . sLink('prefs', 'prefs_list', gTxt('site_prefs'), 'navlink') . sLink('prefs', 'advanced_prefs', gTxt('advanced_preferences'), 'navlink') . sLink('prefs', 'list_languages', gTxt('manage_languages'), 'navlink-active') . n . '</p>'; echo $lang_form; echo n, '<div class="txp-listtables">', startTable('', '', 'txp-list'), '<thead>', tr(hCell(gTxt('language')) . hCell(gTxt('from_server') . n . popHelp('install_lang_from_server')) . hCell(gTxt('from_file') . n . popHelp('install_lang_from_file'), '', ' class="languages_detail"') . hCell(gTxt('remove_lang') . n . popHelp('remove_lang'), '', ' class="languages_detail"')), '</thead>'; echo '<tbody>' . $list . '</tbody>', endTable(), n, '</div>'; echo graf(toggle_box('languages_detail'), ' class="detail-toggle"'); echo hed(gTxt('install_from_textpack'), 3) . n . form(graf('<label for="textpack-install">' . gTxt('install_textpack') . '</label>' . n . popHelp('get_textpack') . n . '<textarea id="textpack-install" class="code" name="textpack" cols="' . INPUT_LARGE . '" rows="' . INPUT_XSMALL . '"></textarea>' . n . fInput('submit', 'install_new', gTxt('upload')) . eInput('prefs') . sInput('get_textpack')), '', '', 'post', 'edit-form', '', 'text_uploader'); echo '</div>'; // end language_container }
/** * Renders a HTML <select> list of available ways to display the date. * * Can be altered by plugins via the 'prefs_ui > dateformats' * pluggable UI callback event. * * @param string $name HTML name and id of the widget * @param string $val Initial (or current) selected item * @return string HTML */ function dateformats($name, $val) { $dayname = '%A'; $dayshort = '%a'; $daynum = is_numeric(@strftime('%e')) ? '%e' : '%d'; $daynumlead = '%d'; $daynumord = is_numeric(substr(trim(@strftime('%Oe')), 0, 1)) ? '%Oe' : $daynum; $monthname = '%B'; $monthshort = '%b'; $monthnum = '%m'; $year = '%Y'; $yearshort = '%y'; $time24 = '%H:%M'; $time12 = @strftime('%p') ? '%I:%M %p' : $time24; $date = @strftime('%x') ? '%x' : '%Y-%m-%d'; $formats = array("{$monthshort} {$daynumord}, {$time12}", "{$daynum}.{$monthnum}.{$yearshort}", "{$daynumord} {$monthname}, {$time12}", "{$yearshort}.{$monthnum}.{$daynumlead}, {$time12}", "{$dayshort} {$monthshort} {$daynumord}, {$time12}", "{$dayname} {$monthname} {$daynumord}, {$year}", "{$monthshort} {$daynumord}", "{$daynumord} {$monthname} {$yearshort}", "{$daynumord} {$monthnum} {$year} - {$time24}", "{$daynumord} {$monthname} {$year}", "{$daynumord} {$monthname} {$year}, {$time24}", "{$daynumord}. {$monthname} {$year}", "{$daynumord}. {$monthname} {$year}, {$time24}", "{$year}-{$monthnum}-{$daynumlead}", "{$year}-{$daynumlead}-{$monthnum}", "{$date} {$time12}", "{$date}", "{$time24}", "{$time12}", "{$year}-{$monthnum}-{$daynumlead} {$time24}"); $ts = time(); $vals = array(); foreach ($formats as $f) { if ($d = safe_strftime($f, $ts)) { $vals[$f] = $d; } } $vals['since'] = gTxt('hours_days_ago'); return pluggable_ui('prefs_ui', 'dateformats', selectInput($name, array_unique($vals), $val, '', '', $name), compact('vals', 'name', 'val', 'ts')); }
/** * The main panel listing all authors. * * @param string|array $message The activity message */ function author_list($message = '') { global $event, $txp_user, $author_list_pageby, $levels; pagetop(gTxt('tab_site_admin'), $message); if (is_disabled('mail')) { echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('warn_mail_unavailable'), array('class' => 'alert-block warning')); } $buttons = array(); // Change password button. $buttons[] = sLink('admin', 'new_pass_form', gTxt('change_password'), 'txp-button'); if (!has_privs('admin.edit')) { // Change email address button. $buttons[] = sLink('admin', 'change_email_form', gTxt('change_email_address'), 'txp-button'); } else { // New author button. $buttons[] = sLink('admin', 'author_edit', gTxt('add_new_author'), 'txp-button'); } // User list. if (has_privs('admin.list')) { extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('admin_sort_column', 'name'); } else { if (!in_array($sort, array('name', 'RealName', 'email', 'privs', 'last_login'))) { $sort = 'name'; } set_pref('admin_sort_column', $sort, 'admin', 2, '', 0, PREF_PRIVATE); } if ($dir === '') { $dir = get_pref('admin_sort_dir', 'asc'); } else { $dir = $dir == 'desc' ? "desc" : "asc"; set_pref('admin_sort_dir', $dir, 'admin', 2, '', 0, PREF_PRIVATE); } $sort_sql = $sort . ' ' . $dir; $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $search = new Filter($event, array('login' => array('column' => 'txp_users.name', 'label' => gTxt('login_name')), 'RealName' => array('column' => 'txp_users.RealName', 'label' => gTxt('real_name')), 'email' => array('column' => 'txp_users.email', 'label' => gTxt('email')), 'privs' => array('column' => array('txp_users.privs'), 'label' => gTxt('privileges'), 'type' => 'boolean'))); $search->setAliases('privs', $levels); list($criteria, $crit, $search_method) = $search->getFilter(); $search_render_options = array('placeholder' => 'search_users'); $total = getCount('txp_users', $criteria); echo n . tag(hed(gTxt('tab_site_admin'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1')); $searchBlock = n . tag($search->renderForm('author_list', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => 'users_control')); $createBlock = array(); $createBlock[] = n . tag(implode(n, $buttons), 'div', array('class' => 'txp-control-panel')); $contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => 'users_container')); $createBlock = implode(n, $createBlock); if ($total < 1) { if ($criteria != 1) { echo $searchBlock . $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information')) . n . tag_end('div'); } return; } $limit = max($author_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); $use_multi_edit = has_privs('admin.edit') && ($total > 1 or safe_count('txp_users', "1 = 1") > 1); echo $searchBlock . $contentBlockStart . $createBlock; $rs = safe_rows_start("*, UNIX_TIMESTAMP(last_access) AS last_login", 'txp_users', "{$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}"); if ($rs) { echo n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'users_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(($use_multi_edit ? hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') : hCell('', '', ' class="txp-list-col-multi-edit" scope="col"')) . column_head('login_name', 'name', 'admin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-login-name name') . column_head('real_name', 'RealName', 'admin', true, $switch_dir, '', '', ('RealName' == $sort ? "{$dir} " : '') . 'txp-list-col-real-name name') . column_head('email', 'email', 'admin', true, $switch_dir, '', '', ('email' == $sort ? "{$dir} " : '') . 'txp-list-col-email') . column_head('privileges', 'privs', 'admin', true, $switch_dir, '', '', ('privs' == $sort ? "{$dir} " : '') . 'txp-list-col-privs') . column_head('last_login', 'last_login', 'admin', true, $switch_dir, '', '', ('last_login' == $sort ? "{$dir} " : '') . 'txp-list-col-last-login date')) . n . tag_end('thead') . n . tag_start('tbody'); while ($a = nextRow($rs)) { extract(doSpecial($a)); echo tr(td((has_privs('admin.edit') and $txp_user != $a['name']) ? fInput('checkbox', 'selected[]', $a['name'], 'checkbox') : '', '', 'txp-list-col-multi-edit') . hCell(has_privs('admin.edit') ? eLink('admin', 'author_edit', 'user_id', $user_id, $name) : $name, '', ' class="txp-list-col-login-name name" scope="row"') . td($RealName, '', 'txp-list-col-real-name name') . td(href($email, 'mailto:' . $email), '', 'txp-list-col-email') . td(get_priv_level($privs), '', 'txp-list-col-privs') . td($last_login ? safe_strftime('%b %Y', $last_login) : '', '', 'txp-list-col-last-login date')); } echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . ($use_multi_edit ? author_multiedit_form($page, $sort, $dir, $crit, $search_method) : '') . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => 'users_navigation')) . pageby_form('admin', $author_list_pageby) . nav_form('admin', $page, $numPages, $sort, $dir, $crit, $search_method) . n . tag_end('div'); } echo n . tag_end('div'); } else { echo n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => 'users_container')) . n . tag(implode(n, $buttons), 'div', array('class' => 'txp-control-panel')) . n . tag_end('div'); } }
function author_list() { global $txp_user, $author_list_pageby; extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if (!in_array($sort, array('name', 'RealName', 'email', 'privs', 'last_login'))) { $sort = 'name'; } $dir = $dir == 'desc' ? 'desc' : 'asc'; $sort_sql = $sort . ' ' . $dir; $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $total = getCount('txp_users', '1=1'); $limit = max($author_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); $rs = safe_rows_start('*, unix_timestamp(last_access) as last_login', 'txp_users', '1 = 1 order by ' . $sort_sql . ' limit ' . $offset . ', ' . $limit); if ($rs) { echo '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list') . tr(column_head('login_name', 'name', 'admin', true, $switch_dir, '', '', 'name' == $sort ? $dir : '') . column_head('real_name', 'RealName', 'admin', true, $switch_dir, '', '', 'RealName' == $sort ? $dir : '') . column_head('email', 'email', 'admin', true, $switch_dir, '', '', 'email' == $sort ? $dir : '') . column_head('privileges', 'privs', 'admin', true, $switch_dir, '', '', 'privs' == $sort ? $dir : '') . column_head('last_login', 'last_login', 'admin', true, $switch_dir, '', '', 'last_login' == $sort ? $dir : '') . hCell() . hCell()); while ($a = nextRow($rs)) { extract(doSpecial($a)); echo tr(td($name) . td($RealName) . td('<a href="mailto:' . $email . '">' . $email . '</a>') . td(get_priv_level($privs)) . td($last_login ? safe_strftime('%b %Y', $last_login) : '') . td(has_privs('admin.edit') ? eLink('admin', 'author_edit', 'user_id', $user_id, gTxt('edit')) : '') . td((has_privs('admin.edit') and $txp_user != $a['name']) ? fInput('checkbox', 'selected[]', $a['name']) : '')); } echo n . n . tr(tda(select_buttons() . author_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="6" style="text-align: right; border: none;"')) . endTable() . '</form>' . nav_form('admin', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('admin', $author_list_pageby); } }
function preText($s, $prefs) { extract($prefs); if (gps('rss')) { include txpath . '/publish/rss.php'; exit(rss()); } if (gps('atom')) { include txpath . '/publish/atom.php'; exit(atom()); } // set messy variables $out = makeOut('id', 's', 'c', 'q', 'pg', 'p', 'month'); // some useful vars for taghandlers, plugins $out['request_uri'] = serverSet('REQUEST_URI'); $out['qs'] = serverSet('QUERY_STRING'); // IIS - can someone confirm whether or not this works? if (!$out['request_uri'] and $argv = serverSet('argv')) { $out['request_uri'] = @substr($argv[0], strpos($argv[0], ';' + 1)); } // define the useable url, minus any subdirectories. // this is pretty fugly, if anyone wants to have a go at it - dean $out['subpath'] = $subpath = preg_quote(preg_replace("/http:\\/\\/.*(\\/.*)/Ui", "\$1", hu), "/"); $out['req'] = $req = preg_replace("/^{$subpath}/i", "/", serverSet('REQUEST_URI')); // if messy vars exist, bypass url parsing if (!$out['id'] && !$out['s']) { extract(chopUrl($req)); //first we sniff out some of the preset url schemes if (!empty($u1)) { switch ($u1) { case 'atom': include txpath . '/publish/atom.php'; exit(atom()); case 'rss': include txpath . '/publish/rss.php'; exit(rss()); case strtolower(gTxt('section')): $out['s'] = ckEx('section', $u2) ? $u2 : 'default'; break; case strtolower(gTxt('category')): $out['c'] = ckEx('category', $u2) ? $u2 : ''; break; case urlencode(gTxt('author')): $author_name = !empty($u2) ? urldecode($u2) : ''; $out['author'] = safe_field('name', 'txp_users', "RealName like '{$author_name}'"); break; case strtolower(gTxt('file_download')): $out['s'] = 'file_download'; $out['id'] = !empty($u2) ? $u2 : ''; break; case 'p': $out['p'] = is_numeric($u2) ? $u2 : ''; break; default: // then see if the prefs-defined permlink scheme is usable switch ($permlink_mode) { case 'section_id_title': $out['s'] = ckEx('section', $u1) ? $u1 : 'default'; $out['id'] = is_numeric($u2) && ckExID($u2) ? $u2 : ''; break; case 'year_month_day_title': if (empty($u4)) { $out['month'] = "{$u1}-{$u2}"; if (!empty($u3)) { $out['month'] .= "-{$u3}"; } $out['s'] = 'default'; } else { $when = safe_strftime('%Y-%m-%d', strtotime("{$u1}-{$u2}-{$u3}")); $rs = lookupByDateTitle($when, $u4); $out['id'] = !empty($rs['ID']) ? $rs['ID'] : ''; $out['s'] = !empty($rs['Section']) ? $rs['Section'] : ''; } break; case 'section_title': $rs = lookupByTitleSection($u2, $u1); $out['id'] = !empty($rs['ID']) ? $rs['ID'] : ''; $out['s'] = ckEx('section', $u1) ? $u1 : 'default'; break; case 'title_only': $rs = lookupByTitle($u1); $out['id'] = !empty($rs['ID']) ? $rs['ID'] : ''; $out['s'] = !empty($rs['Section']) ? $rs['Section'] : ckEx('section', $u1) ? $u1 : 'default'; break; case 'id_title': if (is_numeric($u1) && ckExID($u1)) { $rs = lookupByID($u1); $out['id'] = !empty($rs['ID']) ? $rs['ID'] : ''; $out['s'] = !empty($rs['Section']) ? $rs['Section'] : 'default'; } else { # We don't want to miss the /section/ pages $out['s'] = ckEx('section', $u1) ? $u1 : 'default'; } break; } } } else { $out['s'] = 'default'; } } else { // Messy mode, but prevent to get the id for file_downloads if ($out['id'] && !$out['s']) { $out['s'] = safe_field('section', 'textpattern', "ID='" . doSlash($out['id']) . "'"); } } if ($out['s'] == 'file_download') { // get id of potential filename if (!is_numeric($out['id'])) { $rs = safe_row("*", "txp_file", "filename='" . $out['id'] . "'"); } else { $rs = safe_row("*", "txp_file", "id='" . $out['id'] . "'"); } $out = $rs ? array_merge($out, $rs) : array('s' => 'file_download', 'file_error' => 404); return $out; } $out['s'] = empty($out['s']) ? 'default' : $out['s']; $s = $out['s']; $id = $out['id']; // hackish if (empty($id)) { $GLOBALS['is_article_list'] = true; } // by this point we should know the section, so grab its page and css $rs = safe_row("*", "txp_section", "name = '{$s}' limit 1"); $out['page'] = @$rs['page']; $out['css'] = @$rs['css']; if (is_numeric($id)) { $idrs = safe_row("Posted, AuthorID, Keywords", "textpattern", "ID={$id}"); extract($idrs); if ($np = getNextPrev($id, $Posted, $s)) { $out = array_merge($out, $np); } $out['id_keywords'] = $Keywords; $out['id_author'] = get_author_name($AuthorID); } $out['path_from_root'] = $path_from_root; // these are deprecated as of 1.0 $out['pfr'] = $path_from_root; // leaving them here for plugin compat $out['path_to_site'] = $path_to_site; $out['permlink_mode'] = $permlink_mode; $out['sitename'] = htmlspecialchars($sitename); return $out; }
function rss() { global $prefs, $thisarticle; set_error_handler('feedErrorHandler'); ob_clean(); extract($prefs); extract(doSlash(gpsa(array('limit', 'area')))); // build filter criteria from a comma-separated list of sections and categories $feed_filter_limit = get_pref('feed_filter_limit', 10); $section = gps('section'); $category = gps('category'); if (!is_scalar($section) || !is_scalar($category)) { txp_die('Not Found', 404); } $section = $section ? array_slice(array_unique(do_list($section)), 0, $feed_filter_limit) : array(); $category = $category ? array_slice(array_unique(do_list($category)), 0, $feed_filter_limit) : array(); $st = array(); foreach ($section as $s) { $st[] = fetch_section_title($s); } $ct = array(); foreach ($category as $c) { $ct[] = fetch_category_title($c); } $sitename .= $section ? ' - ' . join(' - ', $st) : ''; $sitename .= $category ? ' - ' . join(' - ', $ct) : ''; $dn = explode('/', $siteurl); $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0]; // feed header $out[] = tag('http://textpattern.com/?v=' . $version, 'generator'); $out[] = tag(doSpecial($sitename), 'title'); $out[] = tag(hu, 'link'); $out[] = '<atom:link href="' . pagelinkurl(array('rss' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" rel="self" type="application/rss+xml" />'; $out[] = tag(doSpecial($site_slogan), 'description'); $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod'); $out[] = tag(safe_strftime('rfc822', $last), 'pubDate'); $out[] = callback_event('rss_head'); // feed items $articles = array(); $section = doSlash($section); $category = doSlash($category); if (!$area or $area == 'article') { $sfilter = !empty($section) ? "and Section in ('" . join("','", $section) . "')" : ''; $cfilter = !empty($category) ? "and (Category1 in ('" . join("','", $category) . "') or Category2 in ('" . join("','", $category) . "'))" : ''; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $frs = safe_column("name", "txp_section", "in_rss != '1'"); if ($frs) { foreach ($frs as $f) { $query[] = "and Section != '" . doSlash($f) . "'"; } } $query[] = $sfilter; $query[] = $cfilter; $expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') '; $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(LastMod) as uLastMod, unix_timestamp(Expires) as uExpires, ID as thisid", "textpattern", "Status = 4 " . join(' ', $query) . "and Posted < now()" . $expired . "order by Posted desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); populateArticleData($a); $cb = callback_event('rss_entry'); $a['posted'] = $uPosted; $permlink = permlinkurl($a); $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink)); $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink)); if ($syndicate_body_or_excerpt) { # short feed: use body as summary if there's no excerpt if (!trim($summary)) { $summary = $content; } $content = ''; } if ($show_comment_count_in_feed) { $count = $comments_count > 0 ? ' [' . $comments_count . ']' : ''; } else { $count = ''; } $Title = escape_title(strip_tags($Title)) . $count; $thisauthor = get_author_name($AuthorID); $item = tag($Title, 'title') . n . (trim($summary) ? tag(n . escape_cdata($summary) . n, 'description') . n : '') . (trim($content) ? tag(n . escape_cdata($content) . n, 'content:encoded') . n : '') . tag($permlink, 'link') . n . tag(safe_strftime('rfc822', $a['posted']), 'pubDate') . n . tag(htmlspecialchars($thisauthor), 'dc:creator') . n . tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'guid', ' isPermaLink="false"') . n . $cb; $articles[$ID] = tag($item, 'item'); $etags[$ID] = strtoupper(dechex(crc32($articles[$ID]))); $dates[$ID] = $uPosted; } } } elseif ($area == 'link') { $cfilter = $category ? "category in ('" . join("','", $category) . "')" : '1'; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $rs = safe_rows_start("*, unix_timestamp(date) as uDate", "txp_link", "{$cfilter} order by date desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); $item = tag(doSpecial($linkname), 'title') . n . tag(doSpecial($description), 'description') . n . tag(doSpecial($url), 'link') . n . tag(safe_strftime('rfc822', $uDate), 'pubDate'); $articles[$id] = tag($item, 'item'); $etags[$id] = strtoupper(dechex(crc32($articles[$id]))); $dates[$id] = $date; } } } if (!$articles) { if ($section) { if (safe_field('name', 'txp_section', "name in ('" . join("','", $section) . "')") == false) { txp_die(gTxt('404_not_found'), '404'); } } elseif ($category) { switch ($area) { case 'link': if (safe_field('id', 'txp_category', "name = '{$category}' and type = 'link'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; case 'article': default: if (safe_field('id', 'txp_category', "name in ('" . join("','", $category) . "') and type = 'article'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; } } } else { //turn on compression if we aren't using it already if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) { // make sure notices/warnings/errors don't fudge up the feed // when compression is used $buf = ''; while ($b = @ob_get_clean()) { $buf .= $b; } @ob_start('ob_gzhandler'); echo $buf; } handle_lastmod(); $hims = serverset('HTTP_IF_MODIFIED_SINCE'); $imsd = $hims ? strtotime($hims) : 0; if (is_callable('apache_request_headers')) { $headers = apache_request_headers(); if (isset($headers["A-IM"])) { $canaim = strpos($headers["A-IM"], "feed"); } else { $canaim = false; } } else { $canaim = false; } $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH')); $cutarticles = false; if ($canaim !== false) { foreach ($articles as $id => $thing) { if (strpos($hinm, $etags[$id]) !== false) { unset($articles[$id]); $cutarticles = true; $cut_etag = true; } if ($dates[$id] < $imsd) { unset($articles[$id]); $cutarticles = true; $cut_time = true; } } } if (isset($cut_etag) && isset($cut_time)) { header("Vary: If-None-Match, If-Modified-Since"); } else { if (isset($cut_etag)) { header("Vary: If-None-Match"); } else { if (isset($cut_time)) { header("Vary: If-Modified-Since"); } } } $etag = @join("-", $etags); if (strstr($hinm, $etag)) { txp_status_header('304 Not Modified'); exit(0); } if ($cutarticles) { //header("HTTP/1.1 226 IM Used"); //This should be used as opposed to 200, but Apache doesn't like it. //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200. header("Cache-Control: no-store, im"); header("IM: feed"); } } $out = array_merge($out, $articles); header("Content-Type: application/rss+xml; charset=utf-8"); if (isset($etag)) { header('ETag: "' . $etag . '"'); } return '<?xml version="1.0" encoding="utf-8"?>' . n . '<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom">' . n . tag(join(n, $out), 'channel') . n . '</rss>'; }
function author_list($message = '') { global $txp_user, $author_list_pageby; pagetop(gTxt('tab_site_admin'), $message); if (is_disabled('mail')) { echo tag(gTxt('warn_mail_unavailable'), 'p', ' class="alert-block warning" '); } echo '<h1 class="txp-heading">' . gTxt('tab_site_admin') . '</h1>'; echo '<div id="users_control" class="txp-control-panel">'; // Change password button echo '<p class="txp-buttons">'; echo sLink('admin', 'new_pass_form', gTxt('change_password')); // Change email address button if (!has_privs('admin.edit')) { echo n . sLink('admin', 'change_email_form', gTxt('change_email_address')); } // User list if (has_privs('admin.list')) { extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('admin_sort_column', 'name'); } if ($dir === '') { $dir = get_pref('admin_sort_dir', 'asc'); } $dir = $dir == 'desc' ? 'desc' : 'asc'; if (!in_array($sort, array('name', 'RealName', 'email', 'privs', 'last_login'))) { $sort = 'name'; } $sort_sql = $sort . ' ' . $dir; set_pref('admin_sort_column', $sort, 'admin', 2, '', 0, PREF_PRIVATE); set_pref('admin_sort_dir', $dir, 'admin', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit != '') { $crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit)); $critsql = array('id' => "user_id in ('" . join("','", do_list($crit_escaped)) . "')", 'login' => "name like '%{$crit_escaped}%'", 'real_name' => "RealName like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'privs' => "privs in ('" . join("','", do_list($crit_escaped)) . "')"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $criteria .= callback_event('admin_criteria', 'author_list', 0, $criteria); $total = getCount('txp_users', $criteria); // New author button if (has_privs('admin.edit')) { echo n . sLink('admin', 'author_edit', gTxt('add_new_author')); } echo '</p>'; // end txp-buttons if ($total < 1) { if ($criteria != 1) { echo n . author_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } return; } $limit = max($author_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); $use_multi_edit = has_privs('admin.edit') && safe_count('txp_users', '1=1') > 1; echo author_search_form($crit, $search_method) . '</div>'; $rs = safe_rows_start('*, unix_timestamp(last_access) as last_login', 'txp_users', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { echo n . '<div id="users_container" class="txp-container">'; echo '<form action="index.php" id="users_form" class="multi_edit_form" method="post" name="longform">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . ($use_multi_edit ? hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') : hCell('', '', ' class="multi-edit"')) . n . column_head('login_name', 'name', 'admin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'name login-name') . n . column_head('real_name', 'RealName', 'admin', true, $switch_dir, '', '', ('RealName' == $sort ? "{$dir} " : '') . 'name real-name') . n . column_head('email', 'email', 'admin', true, $switch_dir, '', '', ('email' == $sort ? "{$dir} " : '') . 'email') . n . column_head('privileges', 'privs', 'admin', true, $switch_dir, '', '', ('privs' == $sort ? "{$dir} " : '') . 'privs') . n . column_head('last_login', 'last_login', 'admin', true, $switch_dir, '', '', ('last_login' == $sort ? "{$dir} " : '') . 'date last-login modified')) . n . '</thead>'; echo '<tbody>'; while ($a = nextRow($rs)) { extract(doSpecial($a)); echo tr(td((has_privs('admin.edit') and $txp_user != $a['name']) ? fInput('checkbox', 'selected[]', $a['name'], 'checkbox') : '', '', 'multi-edit') . td(has_privs('admin.edit') ? eLink('admin', 'author_edit', 'user_id', $user_id, $name) : $name, '', 'name login-name') . td($RealName, '', 'name real-name') . td('<a href="mailto:' . $email . '">' . $email . '</a>', '', 'email') . td(get_priv_level($privs), '', 'privs') . td($last_login ? safe_strftime('%b %Y', $last_login) : '', '', 'date last-login modified')); } echo '</tbody>', n, endTable(), n, '</div>', n, $use_multi_edit ? author_multiedit_form($page, $sort, $dir, $crit, $search_method) : '', n, tInput(), n, '</form>', n, '<div id="users_navigation" class="txp-navigation">', n, nav_form('admin', $page, $numPages, $sort, $dir, $crit, $search_method), n, pageby_form('admin', $author_list_pageby), n, '</div>', n, '</div>'; } } else { echo '</div>'; } }
public function __construct($limit, $reverse) { $this->limit = $limit; $this->reverse = $reverse; // for cache comparison $this->currentDate = safe_strftime('%Y-%m-%d'); // use current date if used in a page template if ($GLOBALS['is_article_list'] && empty($GLOBALS['thisarticle'])) { $this->date = $this->currentDate; } else { $this->date = posted(array('format' => '%Y-%m-%d')); } // need the day in "Month_DAY" format $this->day = strftime('%B_%e', strtotime($this->date)); // for days 1-9, remove an extra space $this->day = str_replace(' ', '', $this->day); // construct URI $this->rootUri = 'http://en.wikipedia.org/wiki/'; $this->uri = $this->rootUri . $this->day; }
function tsi($name, $datevar, $time, $tab = '') { $size = ($name == 'year' or $name == 'exp_year') ? 4 : 2; $s = $time == 0 ? '' : safe_strftime($datevar, $time); return n . '<input type="text" name="' . $name . '" value="' . $s . '" size="' . $size . '" maxlength="' . $size . '" class="edit ' . $name . '"' . (empty($tab) ? '' : ' tabindex="' . $tab . '"') . ' title="' . gTxt('article_' . $name) . '" />'; }
function article_edit($message = '', $concurrent = FALSE) { global $vars, $txp_user, $comments_disabled_after, $txpcfg, $prefs; extract($prefs); extract(gpsa(array('view', 'from_view', 'step'))); if (!empty($GLOBALS['ID'])) { // newly-saved article $ID = $GLOBALS['ID']; $step = 'edit'; } else { $ID = gps('ID'); } include_once txpath . '/lib/classTextile.php'; $textile = new Textile(); // switch to 'text' view upon page load and after article post if (!$view || gps('save') || gps('publish')) { $view = 'text'; } if (!$step) { $step = "create"; } if ($step == "edit" && $view == "text" && !empty($ID) && $from_view != 'preview' && $from_view != 'html' && !$concurrent) { $pull = true; //-- it's an existing article - off we go to the db $ID = assert_int($ID); $rs = safe_row("*, unix_timestamp(Posted) as sPosted,\n\t\t\t\tunix_timestamp(Expires) as sExpires,\n\t\t\t\tunix_timestamp(LastMod) as sLastMod", "textpattern", "ID={$ID}"); extract($rs); $reset_time = $publish_now = $Status < 4; } else { $pull = false; //-- assume they came from post if ($from_view == 'preview' or $from_view == 'html') { $store_out = array(); $store = unserialize(base64_decode(ps('store'))); foreach ($vars as $var) { if (isset($store[$var])) { $store_out[$var] = $store[$var]; } } } else { $store_out = gpsa($vars); if ($concurrent) { $store_out['sLastMod'] = safe_field('unix_timestamp(LastMod) as sLastMod', 'textpattern', 'ID=' . $ID); } } extract($store_out); } $GLOBALS['step'] = $step; if ($step == 'create') { $textile_body = $use_textile; $textile_excerpt = $use_textile; } if ($step != 'create') { // Previous record? $prev_id = checkIfNeighbour('prev', $sPosted); // Next record? $next_id = checkIfNeighbour('next', $sPosted); } $page_title = $Title ? $Title : gTxt('write'); pagetop($page_title, $message); echo n . n . '<form name="article" method="post" action="index.php">'; if (!empty($store_out)) { echo hInput('store', base64_encode(serialize($store_out))); } echo hInput('ID', $ID) . eInput('article') . sInput($step) . '<input type="hidden" name="view" />' . startTable('edit') . '<tr>' . n . '<td id="article-col-1">'; if ($view == 'text') { //-- markup help -------------- echo side_help($textile_body, $textile_excerpt) . '<h3 class="plain"><a href="#advanced" onclick="toggleDisplay(\'advanced\'); return false;">' . gTxt('advanced_options') . '</a></h3>', '<div id="advanced" class="toggle" style="display:none">', n . graf('<label for="markup-body">' . gTxt('article_markup') . '</label>' . br . pref_text('textile_body', $textile_body, 'markup-body')), n . graf('<label for="markup-excerpt">' . gTxt('excerpt_markup') . '</label>' . br . pref_text('textile_excerpt', $textile_excerpt, 'markup-excerpt')), $allow_form_override ? graf('<label for="override-form">' . gTxt('override_default_form') . '</label>' . sp . popHelp('override_form') . br . form_pop($override_form, 'override-form')) : '', $custom_1_set ? custField(1, $custom_1_set, $custom_1) : '', $custom_2_set ? custField(2, $custom_2_set, $custom_2) : '', $custom_3_set ? custField(3, $custom_3_set, $custom_3) : '', $custom_4_set ? custField(4, $custom_4_set, $custom_4) : '', $custom_5_set ? custField(5, $custom_5_set, $custom_5) : '', $custom_6_set ? custField(6, $custom_6_set, $custom_6) : '', $custom_7_set ? custField(7, $custom_7_set, $custom_7) : '', $custom_8_set ? custField(8, $custom_8_set, $custom_8) : '', $custom_9_set ? custField(9, $custom_9_set, $custom_9) : '', $custom_10_set ? custField(10, $custom_10_set, $custom_10) : '', n . graf('<label for="keywords">' . gTxt('keywords') . '</label>' . sp . popHelp('keywords') . br . n . '<textarea id="keywords" name="Keywords" cols="18" rows="5">' . htmlspecialchars(str_replace(',', ', ', $Keywords)) . '</textarea>'), n . graf('<label for="article-image">' . gTxt('article_image') . '</label>' . sp . popHelp('article_image') . br . fInput('text', 'Image', $Image, 'edit', '', '', 22, '', 'article-image')), n . graf('<label for="url-title">' . gTxt('url_title') . '</label>' . sp . popHelp('url_title') . br . fInput('text', 'url_title', $url_title, 'edit', '', '', 22, '', 'url-title')), '</div> <h3 class="plain"><a href="#recent" onclick="toggleDisplay(\'recent\'); return false;">' . gTxt('recent_articles') . '</a>' . '</h3>' . '<div id="recent" class="toggle" style="display:none">'; $recents = safe_rows_start("Title, ID", 'textpattern', "1=1 order by LastMod desc limit 10"); if ($recents) { echo '<ul class="plain-list">'; while ($recent = nextRow($recents)) { if (!$recent['Title']) { $recent['Title'] = gTxt('untitled') . sp . $recent['ID']; } echo n . t . '<li><a href="?event=article' . a . 'step=edit' . a . 'ID=' . $recent['ID'] . '">' . escape_title($recent['Title']) . '</a></li>'; } echo '</ul>'; } echo '</div>'; } else { echo sp; } echo '</td>' . n . '<td id="article-main">'; //-- title input -------------- if ($view == 'preview') { echo hed(gTxt('preview'), 2) . hed($Title, 1); } elseif ($view == 'html') { echo hed('XHTML', 2) . hed($Title, 1); } elseif ($view == 'text') { echo n . '<p><label for="title">' . gTxt('title') . '</label>' . sp . popHelp('title') . br . '<input type="text" id="title" name="Title" value="' . escape_title($Title) . '" class="edit" size="40" tabindex="1" />'; if ($step != 'create') { include_once txpath . '/publish/taghandlers.php'; $url = permlinkurl_id($ID); if ($Status != 4 and $Status != 5) { $url .= (strpos($url, '?') === FALSE ? '?' : '&') . 'txpreview=' . intval($ID) . '.' . time(); } echo sp . sp . '<a href="' . $url . '" class="article-view">' . gTxt('view') . '</a>'; } echo '</p>'; } //-- body -------------------- if ($view == 'preview') { if ($textile_body == USE_TEXTILE) { echo $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { echo nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { echo $Body; } } } } elseif ($view == 'html') { if ($textile_body == USE_TEXTILE) { $bod = $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { $bod = nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { $bod = $Body; } } } echo tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($bod)), 'code'); } else { echo n . graf('<label for="body">' . gTxt('body') . '</label>' . sp . popHelp('body') . br . '<textarea id="body" name="Body" cols="55" rows="31" tabindex="2">' . htmlspecialchars($Body) . '</textarea>'); } //-- excerpt -------------------- if ($articles_use_excerpts) { if ($view == 'text') { echo n . graf('<label for="excerpt">' . gTxt('excerpt') . '</label>' . sp . popHelp('excerpt') . br . '<textarea id="excerpt" name="Excerpt" cols="55" rows="5" tabindex="3">' . htmlspecialchars($Excerpt) . '</textarea>'); } else { echo n . '<hr width="50%" />'; echo $textile_excerpt == USE_TEXTILE ? $view == 'preview' ? graf($textile->textileThis($Excerpt)) : tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($textile->TextileThis($Excerpt))), 'code') : graf($Excerpt); } } //-- author -------------- if ($view == "text" && $step != "create") { echo '<p class="small">' . gTxt('posted_by') . ': ' . htmlspecialchars($AuthorID) . ' · ' . safe_strftime('%d %b %Y · %X', $sPosted); if ($sPosted != $sLastMod) { echo br . gTxt('modified_by') . ': ' . htmlspecialchars($LastModID) . ' · ' . safe_strftime('%d %b %Y · %X', $sLastMod); } echo '</p>'; } echo hInput('from_view', $view), '</td>'; echo '<td id="article-tabs">'; //-- layer tabs ------------------- echo $use_textile == USE_TEXTILE || $textile_body == USE_TEXTILE ? '<ul>' . (tab('text', $view) . tab('html', $view) . tab('preview', $view)) . '</ul>' : ' '; echo '</td>'; echo '<td id="article-col-2">'; if ($view == 'text') { if ($step != 'create') { echo n . graf(href(gtxt('create_new'), 'index.php?event=article')); } //-- prev/next article links -- if ($step != 'create' and ($prev_id or $next_id)) { echo '<p>', $prev_id ? prevnext_link('‹' . gTxt('prev'), 'article', 'edit', $prev_id, gTxt('prev')) : '', $next_id ? prevnext_link(gTxt('next') . '›', 'article', 'edit', $next_id, gTxt('next')) : '', '</p>'; } //-- status radios -------------- echo n . n . '<fieldset id="write-status">' . n . '<legend>' . gTxt('status') . '</legend>' . n . status_radio($Status) . n . '</fieldset>'; //-- category selects ----------- echo n . n . '<fieldset id="write-sort">' . n . '<legend>' . gTxt('sort_display') . '</legend>' . n . graf('<label for="category-1">' . gTxt('category1') . '</label> ' . '<span class="small">[' . eLink('category', '', '', '', gTxt('edit')) . ']</span>' . br . n . category_popup('Category1', $Category1, 'category-1')) . n . graf('<label for="category-2">' . gTxt('category2') . '</label>' . br . n . category_popup('Category2', $Category2, 'category-2')); //-- section select -------------- if (!$from_view && !$pull) { $Section = getDefaultSection(); } echo n . graf('<label for="section">' . gTxt('section') . '</label> ' . '<span class="small">[' . eLink('section', '', '', '', gTxt('edit')) . ']</span>' . br . section_popup($Section, 'section')) . n . '</fieldset>' . n . n . '<h3 class="plain"><a href="#more" onclick="toggleDisplay(\'more\'); return false;">' . gTxt('more') . '</a></h3>', '<div id="more" class="toggle" style="display:none">'; //-- comments stuff -------------- if ($step == "create") { //Avoiding invite disappear when previewing $AnnotateInvite = !empty($store_out['AnnotateInvite']) ? $store_out['AnnotateInvite'] : $comments_default_invite; if ($comments_on_default == 1) { $Annotate = 1; } } if ($use_comments == 1) { echo n . n . '<fieldset id="write-comments">' . n . '<legend>' . gTxt('comments') . '</legend>'; $comments_expired = false; if ($step != 'create' && $comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $sPosted; if ($time_since > $lifespan) { $comments_expired = true; } } if ($comments_expired) { echo n . n . graf(gTxt('expired')); } else { echo n . n . graf(onoffRadio('Annotate', $Annotate)) . n . n . graf('<label for="comment-invite">' . gTxt('comment_invitation') . '</label>' . br . fInput('text', 'AnnotateInvite', $AnnotateInvite, 'edit', '', '', '', '', 'comment-invite')); } echo n . n . '</fieldset>'; } if ($step == "create" and empty($GLOBALS['ID'])) { //-- timestamp ------------------- //Avoiding modified date to disappear $persist_timestamp = !empty($store_out['year']) ? safe_strtotime($store_out['year'] . '-' . $store_out['month'] . '-' . $store_out['day'] . ' ' . $store_out['hour'] . ':' . $store_out['minute'] . ':' . $store_out['second']) : time(); echo n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('publish_now', '1', $publish_now, '', 'publish_now') . '<label for="publish_now">' . gTxt('set_to_now') . '</label>') . n . graf(gTxt('or_publish_at') . sp . popHelp('timestamp')) . n . graf(gtxt('date') . sp . tsi('year', '%Y', $persist_timestamp) . ' / ' . tsi('month', '%m', $persist_timestamp) . ' / ' . tsi('day', '%d', $persist_timestamp)) . n . graf(gTxt('time') . sp . tsi('hour', '%H', $persist_timestamp) . ' : ' . tsi('minute', '%M', $persist_timestamp) . ' : ' . tsi('second', '%S', $persist_timestamp)) . n . '</fieldset>'; //-- expires ------------------- $persist_timestamp = !empty($store_out['exp_year']) ? safe_strtotime($store_out['exp_year'] . '-' . $store_out['exp_month'] . '-' . $store_out['exp_day'] . ' ' . $store_out['exp_hour'] . ':' . $store_out['exp_minute'] . ':' . $store_out['second']) : NULLDATETIME; echo n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf(gtxt('date') . sp . tsi('exp_year', '%Y', $persist_timestamp) . ' / ' . tsi('exp_month', '%m', $persist_timestamp) . ' / ' . tsi('exp_day', '%d', $persist_timestamp)) . n . graf(gTxt('time') . sp . tsi('exp_hour', '%H', $persist_timestamp) . ' : ' . tsi('exp_minute', '%M', $persist_timestamp) . ' : ' . tsi('exp_second', '%S', $persist_timestamp)) . n . '</fieldset>' . n . n . '</div>'; //-- publish button -------------- echo has_privs('article.publish') ? fInput('submit', 'publish', gTxt('publish'), "publish", '', '', '', 4) : fInput('submit', 'publish', gTxt('save'), "publish", '', '', '', 4); } else { //-- timestamp ------------------- if (!empty($year)) { $sPosted = safe_strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second); } echo n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('reset_time', '1', $reset_time, '', 'reset_time') . '<label for="reset_time">' . gTxt('reset_time') . '</label>') . n . graf(gTxt('published_at') . sp . popHelp('timestamp')) . n . graf(gtxt('date') . sp . tsi('year', '%Y', $sPosted) . ' / ' . tsi('month', '%m', $sPosted) . ' / ' . tsi('day', '%d', $sPosted)) . n . graf(gTxt('time') . sp . tsi('hour', '%H', $sPosted) . ' : ' . tsi('minute', '%M', $sPosted) . ' : ' . tsi('second', '%S', $sPosted)) . n . hInput('sPosted', $sPosted), n . hInput('sLastMod', $sLastMod), n . hInput('AuthorID', $AuthorID), n . hInput('LastModID', $LastModID), n . '</fieldset>'; //-- expires ------------------- if (!empty($exp_year)) { if (empty($exp_month)) { $exp_month = 1; } if (empty($exp_day)) { $exp_day = 1; } if (empty($exp_hour)) { $exp_hour = 0; } if (empty($exp_minute)) { $exp_minute = 0; } if (empty($exp_second)) { $exp_second = 0; } $sExpires = safe_strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second); } echo n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf(gtxt('date') . sp . tsi('exp_year', '%Y', $sExpires) . ' / ' . tsi('exp_month', '%m', $sExpires) . ' / ' . tsi('exp_day', '%d', $sExpires)) . n . graf(gTxt('time') . sp . tsi('exp_hour', '%H', $sExpires) . ' : ' . tsi('exp_minute', '%M', $sExpires) . ' : ' . tsi('exp_second', '%S', $sExpires)) . n . hInput('sExpires', $sExpires) . n . '</fieldset>' . n . n . '</div>'; //-- save button -------------- if ($Status >= 4 and has_privs('article.edit.published') or $Status >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $Status < 4 and has_privs('article.edit') or $Status < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) { echo fInput('submit', 'save', gTxt('save'), "publish", '', '', '', 4); } } } echo '</td></tr></table></form>'; }
/** * Renders author partial. * * The rendered widget can be customised via the 'article_ui > author' * pluggable UI callback event. * * @param array $rs Article data * @return string HTML */ function article_partial_author($rs) { extract($rs); $out = n . '<p class="author"><small>' . gTxt('posted_by') . ': ' . txpspecialchars($AuthorID) . ' · ' . safe_strftime('%d %b %Y · %X', $sPosted); if ($sPosted != $sLastMod) { $out .= br . gTxt('modified_by') . ': ' . txpspecialchars($LastModID) . ' · ' . safe_strftime('%d %b %Y · %X', $sLastMod); } $out .= '</small></p>'; return pluggable_ui('article_ui', 'author', $out, $rs); }
function handle_lastmod($unix_ts = NULL, $exit = 1) { global $prefs; extract($prefs); if ($send_lastmod and $production_status == 'live') { $unix_ts = get_lastmod($unix_ts); # make sure lastmod isn't in the future $unix_ts = min($unix_ts, time()); # or too far in the past (7 days) $unix_ts = max($unix_ts, time() - 3600 * 24 * 7); $last = safe_strftime('rfc822', $unix_ts, 1); header("Last-Modified: {$last}"); header('Cache-Control: no-cache'); $hims = serverset('HTTP_IF_MODIFIED_SINCE'); if ($hims and @strtotime($hims) >= $unix_ts) { log_hit('304'); if (!$exit) { return array('304', $last); } txp_status_header('304 Not Modified'); # some mod_deflate versions have a bug that breaks subsequent # requests when keepalive is used. dropping the connection # is the only reliable way to fix this. if (empty($lastmod_keepalive)) { header('Connection: close'); } header('Content-Length: 0'); # discard all output while (@ob_end_clean()) { } exit; } if (!$exit) { return array('200', $last); } } }
function list_languages($message = '') { global $prefs, $locale, $txpcfg, $textarray; require_once txpath . '/lib/IXRClass.php'; // Select and save active language if (!$message && ps('step') == 'list_languages' && ps('language')) { $locale = doSlash(getlocale(ps('language'))); safe_update("txp_prefs", "val='" . doSlash(ps('language')) . "'", "name='language'"); safe_update("txp_prefs", "val='" . $locale . "'", "name='locale'"); $textarray = load_lang(doSlash(ps('language'))); $locale = setlocale(LC_ALL, $locale); $message = gTxt('preferences_saved'); } $active_lang = safe_field('val', 'txp_prefs', "name='language'"); $lang_form = tda(form(gTxt('active_language') . ' ' . languages('language', $active_lang) . ' ' . fInput('submit', 'Submit', gTxt('save_button'), '') . eInput('prefs') . sInput('list_languages'), 'display:inline;'), ' style="text-align:center" colspan="3"'); $client = new IXR_Client(RPC_SERVER); #$client->debug = true; $available_lang = array(); $rpc_connect = false; $show_files = false; # Get items from RPC @set_time_limit(90); if (gps('force') != 'file' && $client->query('tups.listLanguages', $prefs['blog_uid'])) { $rpc_connect = true; $response = $client->getResponse(); foreach ($response as $language) { $available_lang[$language['language']]['rpc_lastmod'] = gmmktime($language['lastmodified']->hour, $language['lastmodified']->minute, $language['lastmodified']->second, $language['lastmodified']->month, $language['lastmodified']->day, $language['lastmodified']->year); } } elseif (gps('force') != 'file') { $msg = gTxt('rpc_connect_error') . "<!--" . $client->getErrorCode() . ' ' . $client->getErrorMessage() . "-->"; } # Get items from Filesystem $files = get_lang_files(); if (gps('force') == 'file' || !$rpc_connect) { $show_files = true; } if ($show_files && is_array($files) && !empty($files)) { foreach ($files as $file) { if ($fp = @fopen(txpath . DS . 'lang' . DS . $file, 'r')) { $name = str_replace('.txt', '', $file); $firstline = fgets($fp, 4069); fclose($fp); if (strpos($firstline, '#@version') !== false) { @(list($fversion, $ftime) = explode(';', trim(substr($firstline, strpos($firstline, ' ', 1))))); } else { $fversion = $ftime = NULL; } $available_lang[$name]['file_note'] = isset($fversion) ? $fversion : 0; $available_lang[$name]['file_lastmod'] = isset($ftime) ? $ftime : 0; } } } # Get installed items from the database # I'm affraid we need a value here for the language itself, not for each one of the rows $rows = safe_rows('lang, UNIX_TIMESTAMP(MAX(lastmod)) as lastmod', 'txp_lang', "1 GROUP BY lang ORDER BY lastmod DESC"); foreach ($rows as $language) { $available_lang[$language['lang']]['db_lastmod'] = $language['lastmod']; } $list = ''; # Show the language table foreach ($available_lang as $langname => $langdat) { $file_updated = isset($langdat['db_lastmod']) && @$langdat['file_lastmod'] > $langdat['db_lastmod']; $rpc_updated = @$langdat['rpc_lastmod'] > @$langdat['db_lastmod']; $rpc_install = tda(strong(eLink('prefs', 'get_language', 'lang_code', $langname, isset($langdat['db_lastmod']) ? gTxt('update') : gTxt('install'), 'updating', isset($langdat['db_lastmod']))) . br . safe_strftime('%d %b %Y %X', @$langdat['rpc_lastmod']), isset($langdat['db_lastmod']) ? ' style="color:red;text-align:center;background-color:#FFFFCC;"' : ' style="color:#667;vertical-align:middle;text-align:center"'); $list .= tr(tda(gTxt($langname) . tag(isset($langdat['db_lastmod']) ? br . ' ' . safe_strftime('%d %b %Y %X', $langdat['db_lastmod']) : '', 'span', ' style="color:#aaa;font-style:italic"'), isset($langdat['db_lastmod']) && $rpc_updated ? ' nowrap="nowrap" style="color:red;background-color:#FFFFCC;"' : ' nowrap="nowrap" style="vertical-align:middle"') . n . ($rpc_updated ? $rpc_install : tda(isset($langdat['rpc_lastmod']) ? gTxt('updated') : '-', ' style="vertical-align:middle;text-align:center"')) . n . ($show_files ? tda(tag(isset($langdat['file_lastmod']) ? eLink('prefs', 'get_language', 'lang_code', $langname, $file_updated ? gTxt('update') : gTxt('install'), 'force', 'file') . br . ' ' . safe_strftime($prefs['archive_dateformat'], $langdat['file_lastmod']) : ' ', 'span', $file_updated ? ' style="color:#667;"' : ' style="color:#aaa;font-style:italic"'), ' class="langfile" style="text-align:center;vertical-align:middle"') . n : '')) . n . n; } // Output Table + Content pagetop(gTxt('update_languages'), $message); if (isset($msg) && $msg) { echo tag($msg, 'p', ' style="text-align:center;color:red;width:50%;margin: 2em auto"'); } echo startTable('list'), tr(tdcs(hed(gTxt('manage_languages'), 1), 3)), tr(tdcs(sLink('prefs', 'prefs_list', gTxt('site_prefs'), 'navlink') . sp . sLink('prefs', 'advanced_prefs', gTxt('advanced_preferences'), 'navlink') . sp . sLink('prefs', 'list_languages', gTxt('manage_languages'), 'navlink-active'), '3')), tr(tda(' ', ' colspan="3" style="font-size:0.25em"')), tr($lang_form), tr(tda(' ', ' colspan="3" style="font-size:0.25em"')), tr(tda(gTxt('language')) . tda(gTxt('from_server')) . ($show_files ? tda(gTxt('from_file')) : ''), ' style="font-weight:bold"'); echo $list; if (!$show_files) { $linktext = gTxt('from_file') . ' (' . gTxt('experts_only') . ')'; echo tr(tda(' ', ' colspan="3" style="font-size:0.25em"')) . tr(tda(strong(eLink('prefs', 'list_languages', 'force', 'file', $linktext)), ' colspan="3" style="text-align:center"')); } elseif (gps('force') == 'file') { echo tr(tda(' ', ' colspan="3" style="font-size:0.25em"')) . tr(tda(sLink('prefs', 'list_languages', strong(gTxt('from_server'))), ' colspan="3" style="text-align:center"')); } echo endTable(); $install_langfile = gTxt('install_langfile', array('{url}' => strong('<a href="' . RPC_SERVER . '/lang/">' . RPC_SERVER . '/lang/</a>'))); if ($install_langfile == 'install_langfile') { $install_langfile = 'To install new languages from file you can download them from <b><a href="' . RPC_SERVER . '/lang/">' . RPC_SERVER . '/lang/</a></b> and place them inside your ./textpattern/lang/ directory.'; } echo tag($install_langfile, 'p', ' style="text-align:center;width:50%;margin: 2em auto"'); }